For users of the ACME v2 API you can create a maximum of 300 New Orders per account per 3 hours.
Does this rate limit apply to orders that don’t actually yield a certificate? For example, if an order has 3 domains, and one fails authz, then the client deletes the first order and submits a 2nd, does that constitute 2 “hits” against the 300/hr. rate limit, or one?
I was misremembering; in the moment I thought there was something in the protocol for deactivating/deleting orders that’s analogous to deactivating an authz object.