MicrosoftDocs
diff --git a/‎articles/application-gateway/application-gateway-backend-health-troubleshooting.md
Lines changed: 110 additions & 80 deletions b/‎articles/application-gateway/application-gateway-backend-health-troubleshooting.md
Lines changed: 110 additions & 80 deletions
diff --git a/‎articles/application-gateway/end-to-end-ssl-portal.md
Lines changed: 2 additions & 2 deletions b/‎articles/application-gateway/end-to-end-ssl-portal.md
Lines changed: 2 additions & 2 deletions
diff --git a/‎articles/application-gateway/media/application-gateway-backend-health-troubleshooting/browser-cert.png
13.2 KB b/‎articles/application-gateway/media/application-gateway-backend-health-troubleshooting/browser-cert.png
13.2 KB
diff --git a/‎articles/application-gateway/media/application-gateway-backend-health-troubleshooting/cert-chain.png
409 KB b/‎articles/application-gateway/media/application-gateway-backend-health-troubleshooting/cert-chain.png
409 KB
diff --git a/‎articles/application-gateway/media/application-gateway-backend-health-troubleshooting/self-signed-types.png
250 KB b/‎articles/application-gateway/media/application-gateway-backend-health-troubleshooting/self-signed-types.png
250 KB
diff --git a/‎articles/application-gateway/ssl-overview.md
Lines changed: 1 addition & 1 deletion b/‎articles/application-gateway/ssl-overview.md
Lines changed: 1 addition & 1 deletion
@@ -27,7 +27,7 @@ To configure end-to-end TLS with an application gateway, you need a certificate
 For end-to-end TLS encryption, the right backend servers must be allowed in the application gateway. To allow this access, upload the public certificate of the backend servers, also known as Authentication Certificates (v1) or Trusted Root Certificates (v2), to the application gateway. Adding the certificate ensures that the application gateway communicates only with known backend instances. This configuration further secures end-to-end communication.
 
 > [!IMPORTANT]
-> If you receive an error message for the backend server certificate, verify that the frontend certificate Common Name (CN) matches the backend certificate CN. For more information, see [Trusted root certificate mismatch](./application-gateway-backend-health-troubleshooting.md#trusted-root-certificate-mismatch)
+> If you receive an error message for the backend server certificate, verify that the frontend certificate Common Name (CN) matches the backend certificate CN. For more information, see [Trusted root certificate mismatch](./application-gateway-backend-health-troubleshooting.md#trusted-root-certificate-mismatch-root-certificate-is-available-on-the-backend-server)
 
 To learn more, see [Overview of TLS termination and end to end TLS with Application Gateway](./ssl-overview.md).
 
@@ -122,4 +122,4 @@ If you choose the latter option, apply the steps in the following procedure.
 ## Next steps
 
 > [!div class="nextstepaction"]
-> [Manage web traffic with an application gateway using the Azure CLI](./tutorial-manage-web-traffic-cli.md)
+> [Manage web traffic with an application gateway using the Azure CLI](./tutorial-manage-web-traffic-cli.md)
@@ -35,7 +35,7 @@ For the TLS connection to work, you need to ensure that the TLS/SSL certificate
 - That the current date and time is within the "Valid from" and "Valid to" date range on the certificate.
 - That the certificate's "Common Name" (CN) matches the host header in the request. For example, if the client is making a request to `https://www.contoso.com/`, then the CN must be `www.contoso.com`.
 
-If you have errors with the backend certificate common name (CN), see [Backend certificate invalid common name (CN)](application-gateway-backend-health-troubleshooting.md#backend-certificate-invalid-common-name-cn).  
+If you have errors with the backend certificate common name (CN), see our [troubleshooting guide](./application-gateway-backend-health-troubleshooting.md#common-name-cn-doesnt-match).  
 
 ### Certificates supported for TLS termination