You can use your existing key or use a new one. From Let’s Encrypt’s perspective, renewals really are just new certificates.
There’s no rule for this as such, other than the rate limits, which would prevent you from renewing more than 5 times a week. The recommended renewal schedule would be 30 days before the certificate expires (in other words: every 60 days).[quote=“dioobr, post:1, topic:30544”]
Renew certificate also requires a new domain validation?
Roughly speaking, yes. More specifically, existing validations can be re-used for a couple of days (I think it’s 7 right now), but it’s easiest to just assume you’ll need to re-validate every time.