added config option to set path for openssl config file (currently only used for generating a signing request)

show expire date when we don't need to renew a certifcate

generate a new private key for each csr if the user wishes so

trying to capture http status codes from curl instead of using "--fail" to be able to capture acme error messages

fixed logic to check status from our challenge

the old code had a problem and would interpret a challenge that
returned "pending" and then "invalid" as valid.

This code actually has another problem. The RFC defines:

"status (optional, string):  The status of this authorization.
 Possible values are: "pending", "valid", and "invalid".  If this
 field is missing, then the default value is "pending"."

So actually the correct way to implement this would be:

while [[ -z "${status}" ]] || [[ "${status}" = "pending" ]]; do

But without further checks this might lead to an endless loop. So this
is "good enough(tm)". ;)

In a worst case scenario the new certificate is broken and we are left
without a working certificate (or need to restore one from our backup).

This way we only need to change the symlink to the known working cert

https://github.com/koalaman/shellcheck/wiki/Sc2086

https://google.github.io/styleguide/shell.xml#Test,_%5B_and_%5B%5B

add challenge hook and minor fixes/improvements

Prevents an error if running for the first time in a different
directory.

letsencrypt.sh is mainly used with letsencrypt.org.