A general rework of code has been made to be compatible with the latest ACME draft 16 (v2.0 of acme-dns-tiny was based on draft 9).
First, unit tests now creates one account key by configuration sample, they correctly create and remove temporary files, and they read the GITLABCI_CONTACT environment variable.
Then, tools created from acme-dns-tiny has been updated too: key rollover has been redesigned completely by the RFC and it has been updated to be compatible with latest acme-dns-tiny style. Style of account deactivation has been updated too.
Finally, acme-dns-tiny itself had a lot of improvements:
Use standard Python3 doc strings instead of comments
Simplify returns of the _send_signed_request internal function to take advantage of the requests module
_send_signed_request is able to launch POST-as-GET authenticated requests as defined in recent RFC drafts
Config file now read the CertificateFormat key: it allows you, if needed, to ask for a specific chain file format instead of the default application/pem-certificate-chain as defined in the RFC.
Example config file now avoid to define optional keys, it only give documentation
In the CSR file, the CN value can be anywhere in the Subject string
If the order is already ready on the ACME server side, acme-dns-tiny doesn't run full process, but just ask the certificate chain.