From 6120a2b4769a1060bbe2a4773405df0466b5598e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Richard=20K=C3=B6rber?= <github@shredzone.org>
Date: Fri, 7 Jun 2024 17:18:04 +0200
Subject: [PATCH] Do not set autoRenewal on cert replacement (fixes #158)

---
 .../org/shredzone/acme4j/OrderBuilder.java    | 117 +++++++++---------
 1 file changed, 58 insertions(+), 59 deletions(-)

diff --git a/acme4j-client/src/main/java/org/shredzone/acme4j/OrderBuilder.java b/acme4j-client/src/main/java/org/shredzone/acme4j/OrderBuilder.java
index 8aab9edd..97e377fb 100644
--- a/acme4j-client/src/main/java/org/shredzone/acme4j/OrderBuilder.java
+++ b/acme4j-client/src/main/java/org/shredzone/acme4j/OrderBuilder.java
@@ -178,65 +178,6 @@ public class OrderBuilder {
         return this;
     }
 
-    /**
-     * Notifies the CA that the ordered certificate will replace a previously issued
-     * certificate. The certificate is identified by its ARI unique identifier.
-     * <p>
-     * Optional, only supported if the CA provides renewal information. However, in this
-     * case the client <em>should</em> include this field.
-     *
-     * @param uniqueId
-     *         Certificate's renewal unique identifier.
-     * @return itself
-     * @draft This method is currently based on an RFC draft. It may be changed or removed
-     * without notice to reflect future changes to the draft. SemVer rules do not apply
-     * here.
-     * @since 3.2.0
-     */
-    public OrderBuilder replaces(String uniqueId) {
-        autoRenewal();
-        this.replaces = Objects.requireNonNull(uniqueId);
-        return this;
-    }
-
-    /**
-     * Notifies the CA that the ordered certificate will replace a previously issued
-     * certificate.
-     * <p>
-     * Optional, only supported if the CA provides renewal information. However, in this
-     * case the client <em>should</em> include this field.
-     *
-     * @param certificate
-     *         Certificate to be replaced
-     * @return itself
-     * @draft This method is currently based on an RFC draft. It may be changed or removed
-     * without notice to reflect future changes to the draft. SemVer rules do not apply
-     * here.
-     * @since 3.2.0
-     */
-    public OrderBuilder replaces(X509Certificate certificate) {
-        return replaces(getRenewalUniqueIdentifier(certificate));
-    }
-
-    /**
-     * Notifies the CA that the ordered certificate will replace a previously issued
-     * certificate.
-     * <p>
-     * Optional, only supported if the CA provides renewal information. However, in this
-     * case the client <em>should</em> include this field.
-     *
-     * @param certificate
-     *         Certificate to be replaced
-     * @return itself
-     * @draft This method is currently based on an RFC draft. It may be changed or removed
-     * without notice to reflect future changes to the draft. SemVer rules do not apply
-     * here.
-     * @since 3.2.0
-     */
-    public OrderBuilder replaces(Certificate certificate) {
-        return replaces(certificate.getCertificate());
-    }
-
     /**
      * Sets the earliest date of validity of the first issued certificate. If not set,
      * the start date is the earliest possible date.
@@ -328,6 +269,64 @@ public class OrderBuilder {
         return this;
     }
 
+    /**
+     * Notifies the CA that the ordered certificate will replace a previously issued
+     * certificate. The certificate is identified by its ARI unique identifier.
+     * <p>
+     * Optional, only supported if the CA provides renewal information. However, in this
+     * case the client <em>should</em> include this field.
+     *
+     * @param uniqueId
+     *         Certificate's renewal unique identifier.
+     * @return itself
+     * @draft This method is currently based on an RFC draft. It may be changed or removed
+     * without notice to reflect future changes to the draft. SemVer rules do not apply
+     * here.
+     * @since 3.2.0
+     */
+    public OrderBuilder replaces(String uniqueId) {
+        this.replaces = Objects.requireNonNull(uniqueId);
+        return this;
+    }
+
+    /**
+     * Notifies the CA that the ordered certificate will replace a previously issued
+     * certificate.
+     * <p>
+     * Optional, only supported if the CA provides renewal information. However, in this
+     * case the client <em>should</em> include this field.
+     *
+     * @param certificate
+     *         Certificate to be replaced
+     * @return itself
+     * @draft This method is currently based on an RFC draft. It may be changed or removed
+     * without notice to reflect future changes to the draft. SemVer rules do not apply
+     * here.
+     * @since 3.2.0
+     */
+    public OrderBuilder replaces(X509Certificate certificate) {
+        return replaces(getRenewalUniqueIdentifier(certificate));
+    }
+
+    /**
+     * Notifies the CA that the ordered certificate will replace a previously issued
+     * certificate.
+     * <p>
+     * Optional, only supported if the CA provides renewal information. However, in this
+     * case the client <em>should</em> include this field.
+     *
+     * @param certificate
+     *         Certificate to be replaced
+     * @return itself
+     * @draft This method is currently based on an RFC draft. It may be changed or removed
+     * without notice to reflect future changes to the draft. SemVer rules do not apply
+     * here.
+     * @since 3.2.0
+     */
+    public OrderBuilder replaces(Certificate certificate) {
+        return replaces(certificate.getCertificate());
+    }
+
     /**
      * Sends a new order to the server, and returns an {@link Order} object.
      *