More info on how the auto renewal works

Hi I am looking for some more information on how lets encrypt renewal works to configure security on my kubernetes\cert manager environment.
I was able to get it working by temporarily allowing internet traffic so the domain validation would work. I would like to understand if my environment allows all outbound internet traffic (443 or 80 or both) will cert renewal work or does it need to access the domain again.

If you used HTTP validation to obtain your cert, Let’s Encrypt will need to connect to each domain name via HTTP every time it renews your cert (i.e., by default, every 60 days or so).

Thank you danb35. I was using the http validation.

  • http01:
    class: nginx

Will try the dns01 solver