[throwaway89201]

I think the suggestion of pinning the public key and keeping the same private key across certs is the best option. But if you don't want that, perhaps this is a (high complexity, high fragility) alternative:

- Make sure your app checks that enough trusted embedded Signed Certificate Timestamps are present in the certificate (web browsers and the iOS and Android frameworks already do this by default).

- Disallow your app to trust certificates that are more recently requested than N hours. This might be hard to do.

- Set up monitoring to the certificate transparency logs to verify that no bad actor has obtained a certificate (and make sure you are always able to revoke them within N hours).

- Make sure you always have fresh keys with certificates in cold storage older than N hours, because you can't immediately use newly obtained certificates