The process is as follows: When applying for a certificate via DNS Challenge, if the client fails to complete the challenge for some reason, the client sets the order to "deactivated". The client then initiates a second application, obtaining a new Authorization URL. However, instead of proceeding with the challenge, we directly initiate a third order creation, at which point we receive an Authorization URL that differs from the second one. After a successful challenge, if we retry the steps above, the returned results become as expected.
If after initially creating an order, we create a new order without attempting the challenge, the Authorization URL we obtain remains unchanged.
Although this doesn't cause any actual issues, it seems inconsistent with our expected behavior.
We set up a local ACME CA Server using GitHub - letsencrypt/boulder: An ACME-based certificate authority, written in Go. for testing, but after creating the third order, the Authorization URL we retrieve matches the one from the second attempt.
What differences might exist in the production environment?