I see that the rate limits are setup with a rewewal exemption now, which is great.
However, the exemption has this caveat:
Also note: the order of renewals and new issuances matters. To get the maximum possible number of certificates, you must perform all new issuances before renewals during a given time window.
This seems to be an odd setup for a system that intends for clients to automate renewals. Obviously, if my renewals are automated, its pretty darn likely that renewals will run before I try to issue a new cert, which is then more likely to run into the new cert rate limit. In fact, I just ran into this exact issue: a whole bunch of renewals automatically processed without issue (due to the client automation and renewal exemption, awesome), but now I can’t even issue a single new cert even though I’ve only issued two in the last week.
Can the renewal exemption be made independent of the new certificate rate limit?