compressed some lines to bring the line count back down under 200 lines, removed example cronjob in command line help since it comflicts with the README

reconfigured handling openssl configs for keys setup to remove 'ResourceWarning: unclosed file...' warnings on tests

switched to re-generating account and cert keys every test since staging tests keep authorizations valid between tests

updated tests to support both local letsencrypt/pebble server or staging server, increased coverage to 100% for pebble test runs, removed fuse as dependency and instead added instructions to mount remote filesystem on local instead for staging tests

Duplicate intermediate certificates are known to cause issues with GnuTLS 3.7.0 based clients on servers not based on GnuTLS (e.g. OpenSSL-based servers). Document this in the according upgrade note in README.md.

See https://gitlab.com/gnutls/gnutls/-/issues/1131

Authorizations that already have a status of "valid" do not need
to be validated again (until the authorization expires).
Skipping these authorizations makes it possible to obtain certificates
for domains for which a dns-01 validation is still valid, as
acme_tiny is unable to re-validate them. (The alternative would be
to wait up to a month until the authorization expires, or use a
different acme client.)

The --dry-run option is a shortcut

  --directory-url https://acme-staging-v02.api.letsencrypt.org/directory

to use Let's Encrypt staging environment for testing.

People over at the DebOps project encountered problems running
acme-tiny on Python 3-only systems [1]. As described in the Debian
Python Policy [2], this behaviour is expected when using the
(discouraged) 'python' interpreter. This commit modifies the shebang
line to specify the 'python3' interpreter instead.

[1] https://github.com/debops/debops/issues/1079#issuecomment-562854976
[2] https://www.debian.org/doc/packaging-manuals/python-policy/python.html#interpreter

made public key parsing more robust for windows (still not officially supporting windows though), fixes issue #228

Thanks to [openssl@bfa470a](https://github.com/openssl/openssl/commit/bfa470a4f64313651a35571883e235d3335054eb), we don't have to use such a cluster of a workaround to generate multi-domain CSRs

Leaving the old syntax in, however, for historical interest and for those stuck on such operating systems

pointed out by @felixfontein in #222, we shouldn't delete the challenge files on errors, but we should clean them up on success