NP. FYI, The CA/B forum is likely to mandate ALL Certificate Authorities perform multiple perspective validation within the next 2-3 years; support has been growing amongst it's member for an amendment to the Baseline Requirements covering this. Unless you are considering a Commercial CA who will not use ACME to issue your certificates (which are increasingly getting shorter in max duration), I strongly suggest you invest the time now to address this on your infrastructure and not defer the task or create new technical debt.
I shared some quick notes on using handling this with standard linux iptables here:
There are more detailed posts by others on this site as well.