Technically, yes. However, if the certificate is used with With HAproxy or any other solution that provides a stapled OCSP response from some kind of cache (e.g. as a file updated by cron), it is possible to avoid the outage completely by fetching the fresh OCSP response every day, and not updating the on-disk copy if it says "bad". This way, the old but still valid copy is served to customers while the system takes the necessary steps to renew the certificate.