Fix redirects

Author: dominicbetts

articles/iot-operations/.openpublishing.redirection.iot-operations.json

@@ -477,13 +477,13 @@
         },
         {
             "source_path_from_root": "/articles/iot-operations/manage-mqtt-broker/concept-default-root-ca.md",
-            "redirect_url": "/azure/iot-operations/secure-iot-ops/concept-default-root-ca",
+            "redirect_url": "/azure/iot-operations/secure-iot-ops/howto-manage-certificates",
             "redirect_document_id": false
         },
         {
             "source_path_from_root": "/articles/iot-operations/deploy-iot-ops/concept-default-root-ca.md",
-            "redirect_url": "/azure/iot-operations/secure-iot-ops/concept-default-root-ca",
-            "redirect_document_id": true
+            "redirect_url": "/azure/iot-operations/secure-iot-ops/howto-manage-certificates",
+            "redirect_document_id": false
         },
         {
             "source_path_from_root": "/articles/iot-operations/get-started-end-to-end-sample/quickstart-add-assets.md",
@@ -551,7 +551,7 @@
             "redirect_document_id": false
         },
         {
-            "source_path": "articles/iot-operations/secure-iot-ops/concept-default-root-ca.md",
+            "source_path_from_root": "/articles/iot-operations/secure-iot-ops/concept-default-root-ca.md",
             "redirect_url": "/azure/iot-operations/secure-iot-ops/howto-manage-certificates",
             "redirect_document_id": true
         }

articles/iot-operations/deploy-iot-ops/howto-deploy-iot-operations.md

@@ -140,7 +140,7 @@ Use these steps if you chose the **Test settings** option on the **Dependency ma
    1. Prepare the cluster for Azure IoT Operations deployment. Copy and run the provided [az iot ops init](/cli/azure/iot/ops#az-iot-ops-init) command.
 
       >[!TIP]
-      >The `init` command only needs to be run once per cluster. If you followed the optional prerequisite to set up your own certificate authority issuer, follow the steps in [Bring your own issuer](../secure-iot-ops/concept-default-root-ca.md#bring-your-own-issuer).
+      >The `init` command only needs to be run once per cluster. If you followed the optional prerequisite to set up your own certificate authority issuer, follow the steps in [Bring your own issuer](../secure-iot-ops/howto-manage-certificates.md#bring-your-own-issuer).
 
       This command might take several minutes to complete. You can watch the progress in the deployment progress display in the terminal.
 

articles/iot/iot-overview-security.md

@@ -31,7 +31,7 @@ You can divide security in an edge-based IoT solution into the following four ar
 
 - **Cloud security**: Secure your data while it moves through, and is stored in the cloud.
 
-Typically on an edge-based solution, you want to secure your end-to-end operations by using Azure security capabilities. Azure IoT Operations has built-in security capabilities such as [secrets management](../iot-operations/secure-iot-ops/howto-manage-secrets.md), [certificate management](../iot-operations/secure-iot-ops/concept-default-root-ca.md), and [secure settings](../iot-operations/deploy-iot-ops/howto-enable-secure-settings.md) on an [Azure Arc-enabled Kubernetes](/azure/azure-arc/kubernetes/overview) cluster. When a Kubernetes cluster is connected to Azure, an outbound connection to Azure is initiated, using industry-standard SSL to secure data in transit, and several other security features are enabled, such as:
+Typically on an edge-based solution, you want to secure your end-to-end operations by using Azure security capabilities. Azure IoT Operations has built-in security capabilities such as [secrets management](../iot-operations/secure-iot-ops/howto-manage-secrets.md), [certificate management](../iot-operations/secure-iot-ops/howto-manage-certificates.md), and [secure settings](../iot-operations/deploy-iot-ops/howto-enable-secure-settings.md) on an [Azure Arc-enabled Kubernetes](/azure/azure-arc/kubernetes/overview) cluster. When a Kubernetes cluster is connected to Azure, an outbound connection to Azure is initiated, using industry-standard SSL to secure data in transit, and several other security features are enabled, such as:
 
 - View and monitor your clusters using [Azure Monitor for containers](/azure/azure-monitor/containers/kubernetes-monitoring-enable).
 - Enforce threat protection using [Microsoft Defender for Containers](/azure/defender-for-cloud/defender-for-containers-introduction).
@@ -51,7 +51,7 @@ Both Defender for IoT and Defender for Containers can automatically monitor some
 
 - **Secrets management**: Use [Azure Key Vault](/azure/key-vault/general/overview) to store and manage asset's sensitive information such as keys, passwords, certificates, and secrets. Azure IoT Operations uses Azure Key Vault as the managed vault solution on the cloud, and uses [Azure Key Vault Secret Store extension for Kubernetes](/azure/azure-arc/kubernetes/secret-store-extension) to sync the secrets down from the cloud and store them on the edge as Kubernetes secrets. To learn more, see [Manage secrets for your Azure IoT Operations deployment](../iot-operations/secure-iot-ops/howto-manage-secrets.md).
 
-- **Certificate management**: Managing certificates is crucial for ensuring secure communication between assets and your edge runtime environment. Azure IoT Operations provides tools for managing certificates, including issuing, renewing, and revoking certificates. To learn more, see [Certificate management for Azure IoT Operations internal communication](../iot-operations/secure-iot-ops/concept-default-root-ca.md).
+- **Certificate management**: Managing certificates is crucial for ensuring secure communication between assets and your edge runtime environment. Azure IoT Operations provides tools for managing certificates, including issuing, renewing, and revoking certificates. To learn more, see [Certificate management for Azure IoT Operations internal communication](../iot-operations/secure-iot-ops/howto-manage-certificates.md).
 
 - **Select tamper-proof hardware for assets**: Choose asset hardware with built-in mechanisms to detect physical tampering, such as the opening of the device cover or the removal of a part of the device. These tamper signals can be part of the data stream uploaded to the cloud, alerting operators to these events.