acme_certificate and acme_certificate_create_order: add order_creation_error_strategy and order_creation_max_retries options (#842)

* Provide error information.

* Add helper function for order creation retrying.

* Improve existing documentation.

* Document 'replaces' return value.

* Add order_creation_error_strategy and order_creation_max_retries options.

* Add changelog fragment.

* Fix authz deactivation for finalizing step.

* Fix profile handling on order creation.

* Improve existing tests.

* Add ARI and profile tests.

* Warn when 'replaces' is removed when retrying to create an order.

plugins/module_utils/acme/challenges.py

@@ -322,6 +322,23 @@ class Authorization(object):
             return True
         return False
 
+    @classmethod
+    def deactivate_url(cls, client, url):
+        '''
+        Deactivates this authorization.
+        https://community.letsencrypt.org/t/authorization-deactivation/19860/2
+        https://tools.ietf.org/html/rfc8555#section-7.5.2
+        '''
+        authz = cls(url)
+        authz_deactivate = {
+            'status': 'deactivated'
+        }
+        if client.version == 1:
+            authz_deactivate['resource'] = 'authz'
+        result, info = client.send_signed_request(url, authz_deactivate, fail_on_error=True)
+        authz._setup(client, result)
+        return authz
+
 
 def wait_for_validation(authzs, client):
     '''