Merge pull request #70742 from subhtk/OCPBUG20370

OCPBUGS 20370:Added a note in supported ACME challenge types

Author: mburke5678

modules/cert-manager-acme-challenges-types.adoc

@@ -12,6 +12,13 @@ HTTP-01:: With the HTTP-01 challenge type, you provide a computed key at an HTTP
 +
 For more information, see link:https://cert-manager.io/docs/configuration/acme/http01/[HTTP01] in the upstream cert-manager documentation.
 
+[NOTE]
+====
+HTTP-01 requires that the Let's Encrypt servers can access the route of the cluster. If an internal or private cluster is behind a proxy, the HTTP-01 validations for certificate issuance fail.
+
+The HTTP-01 challenge is restricted to port 80. For more information, see link:https://letsencrypt.org/docs/challenge-types/#http-01-challenge[HTTP-01 challenge] (Let's Encrypt).
+====
+
 DNS-01:: With the DNS-01 challenge type, you provide a computed key at a DNS TXT record. If the ACME CA server can get the key by DNS lookup, it can validate you as the owner of the domain.
 +
 For more information, see link:https://cert-manager.io/docs/configuration/acme/dns01/[DNS01] in the upstream cert-manager documentation.