Does Win-Acme / LetsEncrypt renew existing certificates or replace them?

I'm at the initial stages of considering the use of LetsEncrypt certificates for my Windows radius server. I don't see any purpose in the purchase and renewal process every year for what it is used for.

My question is this...Using Win-Acme to automatically renew the certificates, does it extend/renew the existing certificate, or does it create a new certificate and remove the old?

In my Radius configuration I have to select the certificates to use for authentication. I'm concerned that the renewal process will generate a new certificate which will not be assigned on the Radius server, and authentication will fail. I'm assuming if this is the case, the next step would be to setup a script to possibly handle the Radius reconfiguration because I do not think Win-Acme will do it.

After a quick view into the documentation it looks like the behaviour depends on what you select to store the certificates.

For example, for the windows certificate store there is a flag --keepexisting which indicates that by default the old certificate is removed on renewal.

For the other storage options, there is nothing mentioned explicitly, but there is an option DeleteStaleFiles, which defaults to false. If enabled, old files are removed from the certificate store path after 120 days. This indicates that by default old certificate files are kept (if you select files as the storage option).