acme

• certbot/docs/install.rst points to certbot-auto uninstall instructions
• certbot/docs/uninstall.rst certbot-auto uninstall instructions
• certbot/docs/using.rst certbot-auto is mentioned as a deprecated installation method that people might need to change the command in response to

At some point, we should probably remove these, possibly depending on how our usage statistics look.

The recommendation is to set Cache-Control: private, no-store on any endpoint with sensitive information. Because while you can protect the traffic with TLS, you also need to keep sensitive information out of a client's (unencrypted) HTTP cache. I'm not sure how relevant this is to the API context of step-ca though—I've never seen an HTTP client library that caches content. But I guess the poi

Beyonce said it best. If you like it then you shoulda put a test on it. Scenarios I like:

• Cert is created with right DN
• Cert is stored to X509Store after creation
• Cert request is not resubmitted
• Handles failures gracefully
• HTTP challenge/response works as expected
• Certificate renewal when cert is about to expiration

As @rjkroege mentioned in rjkroege/edwood#288 tokenizing the results of the getarg function would allow for more robust parsing of the given arguments.