Currently acme-chief offers some features that are being ignored by its clients:
- dual-cert set-up: all acme-chief clients that support dual-cert stack are currently using ECDSA+RSA certificates
- OCSP stapling support (T232988)
Currently (almost) every acme-chief client should be able to serve a dual-cert setup but all of them are using RSA-2048 certificates. (Take into account that our TLS traffic is mostly using ECDSA certificates).
Regarding OCSP stapling, at least nginx based acme-chief clients should be able to use it.