Hi @schoen thank you for all the awesome effort Certbot and all you do for all of us and LEtsEncrypt community.
Appreciate the info that you gave.
So to confirm, I will need to regenerate a new certificate, but I can use same CSR as follows:
certbot certonly --manual --csr previous_csr_file --preferred-challenges "dns"
-
You confirm?
-
This would also mean that it will resolve the HPKP issue of not having to change the PINS - am I correct?