Log Message:
Update security/py-{acme,certbot} to 0.21.1.

- When creating an HTTP to HTTPS redirect in Nginx, we now ensure the
  Host header of the request is set to an expected value before
  redirecting users to the domain found in the header. The previous way
  Certbot configured Nginx redirects was a potential security issue
- Fixed a problem where Certbot's Apache plugin could fail HTTP-01
  challenges if basic authentication is configured for the domain you
  request a certificate for.
- certbot-auto --no-bootstrap now properly tries to use Python 3.4 on
  RHEL 6 based systems rather than Python 2.6.