Improve acme.sh settings

the integration of acme.sh is very nice. and the auto detection work very nice on one of my servers. 👍

we are using acme.sh on other systems for a while now and i want to suggest a few things, some could/should also work with certbot.

add optional support for --preferred-chain that would allow usage of the DST Root after the transitioning to ISRG's Root (docs https://github.com/acmesh-official/acme.sh/wiki/Preferred-Chain) (certbot 1.6.0+)
add support for setting keylength via UI, so the user could also select ec-256 etc. (see https://github.com/acmesh-official/acme.sh/blob/ddc91ce7c35679c95209137cfc37a1835f369abc/acme.sh#L6467). When the domain key is an ec-*-key the parameter --ecc is needed

I would add both options as a global option under "system" > "server config" > "web" > "ssl settings"

if you are interested in adding these settings, I will try to make a patch for that.

Edited Sep 07, 2020 by Pascal Herbert