• Test case and work around for domain names > 64 octets. Fixes #227.
  When the first DNS name of an MD is longer than 63 octets, the certificate
  request will not contain a CN field, but leave it up to the CA to choose one.
  Currently, Lets Encrypt looks for a shorter name in the SAN list given and
  fails the request if none is found. But it is really up to the CA (and what
  browsers/libs accept here) and may change over the years. That is why
  the decision is best made at the CA.
• Reverted setting the environment variables for MDMessageCmd and MDNotifyCmd. This
  prevented the inheritance of existing environment variables as there seems to be
  no portable way to iterate those on all platforms. This led to a regression on
  Windows, see #198.
• Fixed several places where the 'badNonce' return code from an ACME server was not
  handled correctly. The test server 'pebble' simulates this behaviour by default
  and helps nicely in verifying this behaviour. Thanks, pebble!
• Removed support for ACMEv1 servers. The only known installation used to be Let's Encrypt
  which is disabled that version more than a year ago.
• Fixed a bug introduced by the multiple private key feature that did not trigger
  the tls-alpn-01 challenge at the ACME server on the first attempt. (It picked it up
  on the subsequent ones, though, prolonging the test suite but not failing it.)
• first successful test run against the pebble server. See README.md for details
  on how to set this up.
  Merges from 2.2.x maintenance branch:
• Changed minimal curl version necessary to 7.29, as proposed by @xl32.
• Retry delays now have a random +/-[0-50]% modification applied to let retries from several
  servers spread out more, should they have been restarted at the same time of day.
• Fixed a theoretical uninitialized read when testing for JSON error responses from the
  ACME CA. Bugreported at https://bz.apache.org/bugzilla/show_bug.cgi?id=64297.
  (Ported from maintenance-2.2.x branch)
• Adapted test suite to run against a current letsencrypt boulder version.
• ACME problem reports from CAs that include parameters in the Content-Type header are handled correctly.
  (Previously, the problem text would not be reported and retries could exist CA limits.)
• Account Update transactions to V2 CAs now use the correct POST-AS-GET method. Previously, an
  empty JSON object was sent - which apparently LE accepted, but others reject.
• If a CA directory includes both V1 and V2 endpoints, mod_md now will use the V2 endpoint. Previously,
  it would prefer V1 in this unusual configuration. V2 is standard; V1 is deprecated.
• Synchronized with Apache trunk changes, added test case for issue #218.