but it's parsed as a number.  Use the JS Date type for the values.

This script will request and install a certificate, then recycle your web
server.  This is barely sufficient, but a lot more needs to be done...
1) Tracking certificate expiration, and only placing a new order when
   appropriate.
2) Handling failure better.
3) Handle changes in the system password (like anyone ever does THAT).
4) Clean up stale authorizations.

Also, some enhanced features would be nice:
1) Adding a bunch of SANs, so virtual hosts Just Work
2) Key aging and updating
3) More control of certificate contents... I can't find a list of what
   Let's Encrypt supports in CSRs.

Parsing the response code and headers is an HTTP thing, not an ACME thing.

we are always freeing the pointer that was asigned the text.dat list and things
will crash (thanks for the report, Rastus).

done this now.  Whee!
LetSyncrypt 0.1-beta coming soon!

Also add add_public_key() and get_public_key() methods to CryptKeyset.
Not tested yet, but this should be everything we need to finish up
LetSyncrypt.

track it yourself though.

what you see there.

This class allows saving and loading private keys.  It doesn't currently
allow saving or loading *public* keys, since they require certificate support
which we don't yet have in our JavaScript Object Model.

I'll fix the JSDocs build in a minute.

L (capital 'L'): Lock a message base
U (capital 'U'): Unlock a message base

These commands maybe used to insure that a message base is not modified while
being backed-up (but don't forget to unlock them when you're done!).

Also note: if you back up all the files (including *.lock), then the backed-up
message bases will also be locked and will need to be unlocked (i.e. *.lock
removed) before they may be used again if/when restored.

allow the "last_msg" value to be changed as well.
When dumping a msgbase index, show 'M' for messages (not blank).
When running maintenance, read the entire index in one shot.
Don't display progress (percentage counting) during maintenance (just
slows it down).
When reading messages, get the plain-text version (MIME decode if needed).
When a message base fails to open, continue processing additional message bases
if specified on the command-line.

private key locally yet, so this is still useless.

Don't force set the label, require the caller to set it.
Fix up ASN.1 parsing of RSA certificates.

(Coverity clean-up) - apparently this function was already erroneously freeing
the object private pointer (p) and I copy/pasted that error into more places.

the format required by ACMEv2/Let's Encrypt.

Yes, this seems to be the easiest way to exfiltrate a private key from
a cryptlib context.