Update dependency org.shredzone.acme4j:acme4j-client to v3

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
org.shredzone.acme4j:acme4j-client (source)	2.16 -> 3.1.1

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

shred/acme4j (org.shredzone.acme4j:acme4j-client)

v3.1.1

This is a maintenance release with updated dependencies. There are no changes to acme4j itself.

Bouncy Castle is updated to version 1.77, which fixes a vulnerability (CVE-2023-33201). acme4j-client was not affected by this CVE, as the X509 certificates from the CA are only passed through. acme4j-smime however is validating certificates, so it could have been affected. If you use the acme4j-smime module, I recommend to update to this release.

Fixes #​142.

v3.1.0: 3.1.0

• External account binding now permits to set individual MAC algorithms (AccountBuilder.withMacAlgorithm()) and usage of HMAC keys of arbitrary length. Thanks to @​aarcloudera and @​Radranic.
• The draft-ietf-acme-ari-01 implementation was missing a method 'Certificate.markAsReplaced()`. It is added now.
• All classes and methods related to draft-ietf-acme-ari-01 are now marked as @draft. As the draft evolves, they can change without prior notice. SemVer does not apply to parts that are marked as @draft. This is a preparation for draft-ietf-acme-ari-02, which will introduce major and breaking changes.

In the future, I will generally handle all draft implementations like that, as I don't want to do a major version bump of acme4j for every breaking change in a draft.

v3.0.0: 3.0.0

This is a major update!

Still the migration to v3.0.0 should be easy for most of you. See the migration guide for further information.

• acme4j now adheres to Semantic Versioning.
• The acme4j-utils module has been merged into acme4j-client. You can just remove the dependency on acme4j-utils from your project. This also means that BouncyCastle is now a hard requirement for acm4j. The separation of acme4j-client and acme4j-utils has become a blocker for new features though, so this step had to be taken.
• Requires Java 11. (For Java 8, you can still use acme4j v2, however it will only receive security bugfixes.)
• New method Certificate.findCertificate(String issuer) helps to find a certificate from the given issuer.
• Added support for draft-ietf-acme-ari-01 protocol.
• Reduced return of null values where possible. Methods that could have returned null in v2, will now return an Optional (or throw an exception if more appropriate). Collections may be empty, but are never null.
• PebbleAcmeProvider now accepts a port without having to set a host. Thanks to @​mloesch for the contribution!
• A new Order.execute(KeyPair) method takes care for creating a CSR for you. You won't need to do that anymore. See the acme4j-example for how it works.
• New AcmeNotSupportedException is thrown when the ACME server does not support a certain feature.
• HTTP accepts gzip compression. It can be turned off in the NetworkSettings or via org.shredzone.acme4j.gzip_compression system property.
• Uses the java.net.http client now.
• Documentation has been reviewed and extended.
• All deprecated methods have been removed.

The change to v3.0.0 has been blocking acme4j for much too long. I am happy that it is published now, and I can focus on adding new features again.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.