Authorities (e.g. Let's Encrypt) usually have Terms of Serivce (ToS)
that have to be agreed to. Up until this point we automatically
indicated agreement to those ToS and sent the necessary value.
This commit changes the behaviour to be in line with recommendations
from Let's Encrypt that the user themselves have to indicate their
agreement by no longer automatically doing so (except for cases of
legacy configuration files to provide compatibility).
The user can now indicate ToS agreement by either setting the associated
configuration variable (authority_tos_agreement) to the required value
and/or providing the required value via a command-line parameter
(--authority-tos-agreement=<value>/--tos-agreement=<value>/--tos=<value>)
This adds a few basic command line parameters to allow further
customization of the configuration locations. As well as defining new
default locations for the acertmgr config files and updating the parser
with missing values, so that the config dictionary provided to the
acertmgr process after parsing is complete and no cross reference to the
configuration module is necessary. The parser error handling is also
improved.
Besides the fact that this removes redundant code, hard coded location
of file is generally no good idea
Also adapt README.md and provide a default location for key files.
Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
openssl genrsa > foo will allow group and world read. Add a hint that
these permissions should be adjusted.
Signed-off-by: Ralf Ramsauer <ralf@ramses-pyramidenbau.de>
