unixcharles / acme-client

A Ruby client for the letsencrypt's ACME protocol.
MIT License
495 stars 116 forks

Obsolete Let's Encrypt note in README.md? #205

Closed GProst closed 10 months ago

GProst commented 3 years ago

Is this still accurate info? https://github.com/unixcharles/acme-client#ordering-an-alternative-certificate I believe Let's Encrypt decided to not switch chains so it should continue working with the default chain? Links:

So it seems like order.certificate should work and no changes needed, am I correct?

GProst commented 3 years ago

BTW, we're having an issue because order.certificate uses an alternative short chain that's not supported by old Android devices. Calling order.certificate(force_chain: 'DST Root CA X3') doesn't help; it still uses the short chain without 'DST Root CA X3' for some reason...

GProst commented 3 years ago

Ah, never mind the second comment, our code just assumed that the chain consists of 2 certs for some reason and the third one was skipped. Didn't know it would work...

beam commented 3 years ago

force_chain has the opposite issue. It always downloads the 'DST ROOT CA X3' chain :/ There could be something like this...

```ruby
class Acme::Client
  class ChainIdentifier
    # Match only the issuer of the last certificate in the chain.
    def match_name?(name)
      issuers.last.include?("/CN=#{name}") if issuers.any?
    end
  end
end
```

robbat2 commented 3 years ago

@beam Thanks for that solution, worked great for us.

```ruby
EXPECTED_TERMINAL_CERT_CN = 'ISRG Root X1'
order.certificate(force_chain: EXPECTED_TERMINAL_CERT_CN)
```

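
Added example (not part of the original thread and not acme-client's own code): choosing between PEM chains by the CN of the last certificate's issuer, as discussed in the comments above, while parsing every certificate instead of assuming the chain holds two. The certificates are constructed with a throwaway key, all helper names (`make_cert`, `parse_chain`, `issuer_cns`, `any_issuer?`, `terminal_issuer?`, `pick_chain`) are hypothetical, and the CN is compared exactly rather than by substring.

```ruby
require 'openssl'

# Constructed test material: one throwaway key signs every certificate,
# because only subject and issuer names matter for chain selection.
KEY = OpenSSL::PKey::RSA.new(2048)

def make_cert(subject_cn, issuer_cn)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = rand(1..2**32)
  cert.subject = OpenSSL::X509::Name.parse("/CN=#{subject_cn}")
  cert.issuer = OpenSSL::X509::Name.parse("/CN=#{issuer_cn}")
  cert.public_key = KEY.public_key
  cert.not_before = Time.now - 60
  cert.not_after = Time.now + 3600
  cert.sign(KEY, OpenSSL::Digest.new('SHA256'))
  cert.to_pem
end

LEAF = make_cert('example.test', 'Constructed Intermediate')
INTERMEDIATE = make_cert('Constructed Intermediate', 'ISRG Root X1')
CROSS_SIGNED = make_cert('ISRG Root X1', 'DST Root CA X3')
SHORT_CHAIN = LEAF + INTERMEDIATE                # last issuer: ISRG Root X1
LONG_CHAIN = LEAF + INTERMEDIATE + CROSS_SIGNED  # last issuer: DST Root CA X3

# Parse every certificate in a PEM bundle; never assume a fixed count.
def parse_chain(pem)
  pem.scan(/-----BEGIN CERTIFICATE-----.+?-----END CERTIFICATE-----/m)
     .map { |block| OpenSSL::X509::Certificate.new(block) }
end

# Issuer CN of each certificate, leaf first.
def issuer_cns(pem)
  parse_chain(pem).map { |cert| cert.issuer.to_a.assoc('CN')&.at(1) }
end

# Both chains contain an issuer named 'ISRG Root X1', so matching on any
# issuer cannot tell them apart.
def any_issuer?(pem, name)
  issuer_cns(pem).include?(name)
end

# Matching only the last issuer identifies where the chain terminates.
def terminal_issuer?(pem, name)
  issuer_cns(pem).last == name
end

def pick_chain(chains, name)
  chains.find { |pem| terminal_issuer?(pem, name) }
end
```
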
unixcharles commented 10 months ago

Closing since it's not too relevant nowadays.

I would be open to adding a method to download alternate certificates from the alternate HTTP header and let the end user figure out which cert they want to use, if that's useful to anyone.