README.md in acme-client-2.0.7 vs README.md in acme-client-2.0.8

- old
+ new

@@ -21,21 +21,30 @@ ```ruby gem 'acme-client' ``` ## Usage -* [Setting up a client](#setting-up-a-client) -* [Account management](#account-management) -* [Obtaining a certificate](#obtaining-a-certificate) - * [Ordering a certificate](#ordering-a-certificate) - * [Completing an HTTP challenge](#preparing-for-http-challenge) - * [Completing an DNS challenge](#preparing-for-dns-challenge) - * [Requesting a challenge verification](#requesting-a-challenge-verification) - * [Downloading a certificate](#downloading-a-certificate) -* [Extra](#extra) - * [Certificate revokation](#certificate-revokation) - * [Certificate renewal](#certificate-renewal) +- [Acme::Client](#acmeclient) + - [Installation](#installation) + - [Usage](#usage) + - [Setting up a client](#setting-up-a-client) + - [Account management](#account-management) + - [Obtaining a certificate](#obtaining-a-certificate) + - [Ordering a certificate](#ordering-a-certificate) + - [Preparing for HTTP challenge](#preparing-for-http-challenge) + - [Preparing for DNS challenge](#preparing-for-dns-challenge) + - [Requesting a challenge verification](#requesting-a-challenge-verification) + - [Downloading a certificate](#downloading-a-certificate) + - [Ordering an alternative certificate](#ordering-an-alternative-certificate) + - [Extra](#extra) + - [Certificate revokation](#certificate-revokation) + - [Certificate renewal](#certificate-renewal) + - [Not implemented](#not-implemented) + - [Requirements](#requirements) + - [Development](#development) + - [Pull request?](#pull-request) + - [License](#license) ## Setting up a client The client is initialized with a private key and the directory of your ACME provider. 
@@ -89,11 +98,11 @@ account.kid # => <kid string> ``` If you already have an existing account (for example one created in ACME v1) please note that unless the `kid` is provided at initialization, the client will lazy load the `kid` by doing a `POST` to `newAccount` whenever the `kid` is required. Therefore, you can easily get your `kid` for an existing account and (if needed) store it for reuse: -``` +```ruby client = Acme::Client.new(private_key: private_key, directory: 'https://acme-staging-v02.api.letsencrypt.org/directory') # kid is not set, therefore a call to newAccount is made to lazy-initialize the kid client.kid => "https://acme-staging-v02.api.letsencrypt.org/acme/acct/000000" 
@@ -187,10 +196,27 @@ order.reload end order.certificate # => PEM-formatted certificate ``` +### Ordering an alternative certificate + +Let's Encrypt is [transitioning](https://letsencrypt.org/2019/04/15/transitioning-to-isrg-root.html) to use a new intermediate certificate. Starting January 11, 2021 new certificates will be signed by their own intermediate. To ease the transition on clients Let's Encrypt will continue signing an alternative version of the certificate using the old, cross-signed intermediate until September 29, 2021. In order to utilize an alternative certificate the `Order#certificate` method accepts a `force_chain` keyword argument, which takes the issuer name of the intermediate certificate. +For example, to download the cross-signed certificate after January 11, 2021, call `Order#certificate` as follows: + +```ruby +begin + order.certificate(force_chain: 'DST Root CA X3') +rescue Acme::Client::Error::ForcedChainNotFound + order.certificate +end +``` + +Note: if the specified forced chain doesn't match an existing alternative certificate the method will raise an `Acme::Client::Error::ForcedChainNotFound` error. + +Learn more about the original Github issue for this client [here](https://github.com/unixcharles/acme-client/issues/186), information from Let's Encrypt [here](https://letsencrypt.org/2019/04/15/transitioning-to-isrg-root.html), and cross-signing [here](https://letsencrypt.org/certificates/#cross-signing). + ## Extra ### Certificate revokation To revoke a certificate you can call `#revoke` with the certificate. 
@@ -202,14 +228,20 @@ ### Certificate renewal There is no renewal process, just create a new order. -## Not implemented +### Account Key Roll-over -- Account Key Roll-over. +To change the key used for an account you can call `#account_key_change` with the new private key or jwk. +```ruby +require 'openssl' +new_private_key = OpenSSL::PKey::RSA.new(4096) +client.account_key_change(private_key: new_private_key) +``` + ## Requirements Ruby >= 2.1 ## Development @@ -225,6 +257,5 @@ Yes. ## License [MIT License](http://opensource.org/licenses/MIT) -
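
Review bot: The table of contents added in the `@@ -21,21 +21,30 @@` hunk still links to `[Not implemented](#not-implemented)`, but the `@@ -202,14 +228,20 @@` hunk deletes the `## Not implemented` heading, so that entry points at an anchor that no longer exists. The new `### Account Key Roll-over` section has no entry at all. Drop the dead entry and add one for the roll-over section nested under `Extra`, next to `Certificate revokation` and `Certificate renewal`. While this list is being rewritten, the "revokation" spelling in the heading and its anchor could be corrected together.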
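
Review bot: Tagging the fence as `ruby` in the `@@ -89,11 +98,11 @@` hunk makes the bare result line `=> "https://acme-staging-v02.api.letsencrypt.org/acme/acct/000000"` render as code, and it is not valid Ruby on its own. The context line just above the hunk already uses the comment form, `account.kid # => <kid string>`, so write the result here the same way, as `client.kid # => "https://..."`, to keep the block copy-pasteable and consistent.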
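
Review bot: In the `@@ -187,10 +196,27 @@` hunk, the description of `force_chain` as taking "the issuer name of the intermediate certificate" is ambiguous: it can be read as the intermediate's own name or as the name of whoever signed it, and the example passes `'DST Root CA X3'` without saying which field that string is compared against or whether the match must be exact. State that explicitly, since a caller who guesses wrong lands in the `rescue` branch and silently receives the default chain. The note about `Acme::Client::Error::ForcedChainNotFound` would also read better before the example that rescues it, and it is worth saying that the fallback `order.certificate` returns the default chain so callers know to log when it happens. Smaller points: the first and second "here" links repeat the same transition URL, and "Github" should be "GitHub".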
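
Review bot: The new `### Account Key Roll-over` section in the `@@ -202,14 +228,20 @@` hunk does not say what state the `client` is in after `client.account_key_change(private_key: new_private_key)` returns. Document whether the existing client object signs later requests with the new key or has to be re-created with it, and remind readers to persist `new_private_key` before or as part of the change, because the example generates it in memory only and losing it after a successful roll-over means losing access to the account. The text also says the method accepts "the new private key or jwk" but only the `private_key:` form is shown; either show the jwk form or name its keyword. A blank line between the paragraph and the opening code fence would match the other sections.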