Change rate limited error message
pgporada committed Jul 24, 2023
1 parent cb3ffcf commit 70bc55f
Showing 1 changed file with 10 additions and 8 deletions.
18 changes: 10 additions & 8 deletions lectl
Expand Up @@ -96,12 +96,13 @@
# 2018-Feb-15: Fix, add 1 hour when showing the next date you could issue a cert when hitting the rate limit. This is because Let's Encrypt always issue the certificates using 1 hour less than real time but Let's Encrypt keeps the real time in their DB to remove expired limits (v0.13)
# 2018-Apr-16: Enhanced, added column CERT TYPE to show whether the logged cert is the Final cert or the Pre cert. Due LE is embeding SCT receipts in certificates, the certificates are logged twice, the pre certificate and the final cert with the embeded SCT receipts. As Final certificates are logged a few hours or days after the pre certificate, the script only takes care of pre certificates to check them against the rate limits (v0.14)
# 2018-Apr-16: Enhanced, added options [-p|--pre] and [-f|--final] to show only Pre certificates or to show only Final certificates. If no option, script will show both types of certificates. The rate limits using -f option could not be accurate due this type of cert takes too long to be logged. Rate limits using --pre option or none are counted using only the logged pre certs (v0.15)
# 2018-Aug-05: Fix, Let's Encrypt has raised the rate limit to issue certificates for a domain in 7 days from 20 to 50,so I've updated it too (v0.16).
# 2018-Aug-05: Fix, Let's Encrypt has raised the rate limit to issue certificates for a domain in 7 days from 20 to 50,so I've updated it too (v0.16).
# 2018-Aug-23: Enhanced, grep pattern modified to allow searches using wildcard subdomains *.domain.tld. Keep in mind that using *.domain.tld searches literally for *.domain.tld and in this case * doesn't act as a wildcard. Thanks to @travisjeffery for requesting it and provide a pull a request (v0.17)
# 2020-Jan-24: Fix, crt.sh has been moved to new servers and has changed how the html is presented so lectl was not able to get the right info and was not working at all. This has been fixed in this release, we'll see how long lasts (v0.18)
# 2020-Jan-25: Fix, some commands were not used as variables (v0.19)
# 2020-Feb-01: Fix, even if there are no certificates for a domain, lectl returns 1 certificate because the wc -l command also counts blank lines (v0.20)
# 2020-Aug-09: Enhanced, added column KEY ALG to show the Key Algorithm used in certificate. Examples; RSA 2048bit, ECC 256bit, etc. (v0.21)
# 2023-Jul-24: Update rate limited error message. Add more checks for required utility tools. (v0.22)
# TODO:
# Clean up and comment the code
# Create auto-update version (comming...some day...or not)
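Review bot: The new 2023-Jul-24 changelog entry (v0.22) covers the error message and the extra utility checks but leaves out the change of `scriptname` from 'lectl' to `${BASH_SOURCE[0]}` made in this same commit. Add that to the entry so the header history matches what users will see in the script's output.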
Expand All @@ -126,9 +127,9 @@ if [ "$(uname -s)" = "Darwin" ]; then
fi

# Script version/name variables
version='0.21'
scriptname='lectl'
lastmodification='2020-August-09'
version='0.22'
scriptname='${BASH_SOURCE[0]}'
lastmodification='2023-July-24'
checknewversion=1
forceupgrade=0
maxnumberofcerts=100
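Review bot: `scriptname='${BASH_SOURCE[0]}'` is single-quoted, so the shell never expands it and `scriptname` ends up holding the literal text `${BASH_SOURCE[0]}` wherever the script prints its name. Use double quotes, and strip the directory if only the file name is wanted, for example `scriptname="${BASH_SOURCE[0]##*/}"`. `BASH_SOURCE` is bash-specific, so it is also worth confirming the script is always run under bash.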
Expand All @@ -153,7 +154,7 @@ for i in $*;do
done
}

_checkcommands "$_curl $_awk $_grep $_sed $_cat $_date $_sort $_column $_tail"
_checkcommands "$_curl $_awk $_grep $_sed $_cat $_date $_sort $_column $_tail ${_tr} ${_wc}"

_checknewversion() {
if [ $checknewversion = 1 ];then
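Review bot: On the new `_checkcommands` line, `${_tr}` and `${_wc}` are expanded inside one string that the function then splits with `for i in $*`, so if either variable is unset or empty it silently drops out of the list and the check passes without testing that tool. Confirm both are assigned before this call, or pass the command names in a form that cannot vanish. The mix of `$_curl` and `${_tr}` styles on the same line is also worth making consistent.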
Expand Down Expand Up @@ -198,7 +199,7 @@ fi

# No comment[s]
_plural() {
if [ "$1" -eq "1" ] || [ "$1" -eq "-1" ];then
if [ "${1}" -eq "1" ] || [ "${1}" -eq "-1" ];then
printf ''
else
printf 's'
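Review bot: The `_plural` change from `"$1"` to `"${1}"` is cosmetic, and the test still relies on `-eq`, which raises an error and falls through to the 's' branch when the argument is empty or not an integer. If callers can pass an empty count, default it with `"${1:-0}"`; otherwise this line could be dropped from the commit to keep the diff limited to the message and tool-check changes.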
Expand Down Expand Up @@ -397,7 +398,7 @@ for i in $(echo "${certsfound}");do

$_curl -sS "${crturldomainid}${id}" > "${tempfile}.${id}" 2>/dev/null
_checkerror "Failed to retrieve ${crturldomainid}${id}"

algorithm=$($_sed 's/&nbsp;//g' "${tempfile}.${id}" | $_sed 's/<BR>/\n/g' | $_grep PublicKeyAlgorithm | $_grep rsa &>/dev/null && echo RSA || echo ECC)
publickey=$($_sed 's/&nbsp;//g' "${tempfile}.${id}" | $_sed 's/<BR>/\n/g' | $_grep 'Public-Key:' | $_awk -F':' '{print $2}' | $_tr -d '()')
keyalgorithm="$algorithm $publickey"
Expand Down Expand Up @@ -469,7 +470,8 @@ if [ $maxnumberofcerts -ge $ratelimit ]; then
echo "You could issue next certificate on $next"
printf '\n'
echo "Note 1: Keep in mind that if ${domain} is included in PSL (Public Suffix List) the rate limit could only be applied to your subdomain instead of your domain."
echo "Note 2: Right now Let's Encrypt is implementing a new feature so if you renew the exact cert (with the same FQDNs) the rate limit could not apply to your domain if you try to renew it."
echo "Note 2: If you requested a rate limit adjustment for your domain or ACME account ID via https://letsencrypt.org/docs/rate-limits/ that change is not reflected here."
echo "Note 3: Let's Encrypt has a renewal exemption for the certificates/registered domain/week rate limit. More information can be found at: https://letsencrypt.org/docs/rate-limits/"
printf '\n'
else
if [ -z "${extraline}" ];then echo " ";fi
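Review bot: In the new Note 3, "certificates/registered domain/week rate limit" reads like a path rather than the name of a limit; wording such as "Certificates per Registered Domain (per week)" would be clearer to someone who has just hit it. Notes 2 and 3 also print the same https://letsencrypt.org/docs/rate-limits/ URL twice, so consider giving the link once after both notes.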