Superseded certificate templates may be an issue, but it's easily avoided if you have the right policies in place. If you don't have autoenrollment configured properly for users it can result in the deletion of certificates, based on the certificate templates being superseded by other certificate templates, from user's AD store.
However, the troubleshooting steps for overcoming this issue (or better yet, configuring things properly so that this doesn't happen) are covered here.
In addition to the deployment guide you linked, I would also recommend checking out this additional WHFB deployment guide. This discusses some of the important considerations when replacing the Domain Controller.
Let me know if that's what you were looking for!