MicrosoftDocs
diff --git a/‎articles/automation/shared-resources/certificates.md
Lines changed: 28 additions & 30 deletions b/‎articles/automation/shared-resources/certificates.md
Lines changed: 28 additions & 30 deletions
@@ -1,6 +1,6 @@
 ---
-title: Manage certificate in Azure Automation
-description: Certificates are securely stored in Azure Automation so that runbooks or DSC configurations can access them to authenticate against Azure and third-party resources. This article explains the details of certificates and how to work with them in both textual and graphical authoring.
+title: Manage certificates in Azure Automation
+description: Azure Automation securely stores certificates, so that runbooks or DSC configurations can access them to authenticate against Azure and third-party resources. This article explains the details of certificates, and how to work with them in both textual and graphical authoring.
 services: automation
 ms.service: automation
 ms.subservice: shared-capabilities
@@ -13,39 +13,39 @@ manager: carmonm
 
 # Manage certificates in Azure Automation
 
-Certificates are stored securely in Azure Automation so they can be accessed by runbooks or DSC configurations using the [Get-AzAutomationCertificate](https://docs.microsoft.com/powershell/module/Az.Automation/Get-AzAutomationCertificate?view=azps-3.7.0) activity for Azure Resource Manager resources. Secure certificate storage allows you to create runbooks and DSC configurations that use certificates for authentication or add them to Azure or third-party resources.
+Azure Automation securely stores certificates, so they can be accessed by runbooks or DSC configurations by using the [Get-AzAutomationCertificate](https://docs.microsoft.com/powershell/module/Az.Automation/Get-AzAutomationCertificate?view=azps-3.7.0) activity for Azure Resource Manager resources. Secure certificate storage allows you to create runbooks and DSC configurations that use certificates for authentication, or add them to Azure or third-party resources.
 
-Secure assets in Azure Automation include credentials, certificates, connections, and encrypted variables. These assets are encrypted and stored in Azure Automation using a unique key that is generated for each automation account. This key is stored in a system-managed Key Vault. Before storing a secure asset, the key is loaded from Key Vault and then used to encrypt the asset. This process is managed by Azure Automation.
+Secure assets in Azure Automation include credentials, certificates, connections, and encrypted variables. Automation encrypts and stores these assets by using a unique key that is generated for each automation account. This key is stored in a system-managed key vault. Before you store a secure asset, you load the key from Key Vault, and you encrypt the asset. Automation manages this process.
 
 >[!NOTE]
->This article has been updated to use the new Azure PowerShell Az module. You can still use the AzureRM module, which will continue to receive bug fixes until at least December 2020. To learn more about the new Az module and AzureRM compatibility, see [Introducing the new Azure PowerShell Az module](https://docs.microsoft.com/powershell/azure/new-azureps-module-az?view=azps-3.5.0). For Az module installation instructions on your Hybrid Runbook Worker, see [Install the Azure PowerShell Module](https://docs.microsoft.com/powershell/azure/install-az-ps?view=azps-3.5.0). For your Automation account, you can update your modules to the latest version using [How to update Azure PowerShell modules in Azure Automation](../automation-update-azure-modules.md).
+>This article shows you how to use the Azure PowerShell Az module. You can still use the AzureRM module. To learn more about the Az module and AzureRM compatibility, see [Introducing the new Azure PowerShell Az module](https://docs.microsoft.com/powershell/azure/new-azureps-module-az?view=azps-3.5.0). For Az module installation instructions on your Hybrid Runbook Worker, see [Install the Azure PowerShell module](https://docs.microsoft.com/powershell/azure/install-az-ps?view=azps-3.5.0). For your Automation account, you can update your modules to the latest version by using [How to update Azure PowerShell modules in Azure Automation](../automation-update-azure-modules.md).
 
 ## Az PowerShell cmdlets
 
-For Az, the cmdlets in the following table are used to create and manage automation credential assets with Windows PowerShell. They ship as part of the [Az.Automation module](/powershell/azure/overview), which is available for use in Automation runbooks and DSC configurations.
+For Az, you use the cmdlets in the following table to create and manage automation credential assets with Windows PowerShell. They ship as part of the [Az.Automation module](/powershell/azure/overview), which is available for use in Automation runbooks and DSC configurations.
 
 |Cmdlet |Description|
 | --- | ---|
 |[Add-AzureCertificate](/powershell/module/servicemanagement/azure/add-azurecertificate)|Uploads a service certificate for the specified cloud service.|
-|[Get-AzAutomationCertificate](https://docs.microsoft.com/powershell/module/Az.Automation/Get-AzAutomationCertificate?view=azps-3.7.0)|Retrieves information about a certificate to use in a runbook or DSC configuration. You can only retrieve the certificate itself using the `Get-AutomationCertificate` activity.|
-|[New-AzAutomationCertificate](https://docs.microsoft.com/powershell/module/Az.Automation/New-AzAutomationCertificate?view=azps-3.7.0)|Creates a new certificate in Azure Automation.|
-|[Remove-AzAutomationCertificate](https://docs.microsoft.com/powershell/module/Az.Automation/Remove-AzAutomationCertificate?view=azps-3.7.0)|Removes a certificate from Azure Automation.|
-|[Set-AzAutomationCertificate](https://docs.microsoft.com/powershell/module/Az.Automation/Set-AzAutomationCertificate?view=azps-3.7.0)|Sets the properties for an existing certificate including uploading the certificate file and setting the password for a **.pfx** file.|
+|[Get-AzAutomationCertificate](https://docs.microsoft.com/powershell/module/Az.Automation/Get-AzAutomationCertificate?view=azps-3.7.0)|Retrieves information about a certificate to use in a runbook or DSC configuration. You can only retrieve the certificate itself by using the `Get-AutomationCertificate` activity.|
+|[New-AzAutomationCertificate](https://docs.microsoft.com/powershell/module/Az.Automation/New-AzAutomationCertificate?view=azps-3.7.0)|Creates a new certificate in Automation.|
+|[Remove-AzAutomationCertificate](https://docs.microsoft.com/powershell/module/Az.Automation/Remove-AzAutomationCertificate?view=azps-3.7.0)|Removes a certificate from Automation.|
+|[Set-AzAutomationCertificate](https://docs.microsoft.com/powershell/module/Az.Automation/Set-AzAutomationCertificate?view=azps-3.7.0)|Sets the properties for an existing certificate, including uploading the certificate file and setting the password for a **.pfx** file.|
 
 ## Activities
 
-The activities in the following table are used to access certificates in a runbook and DSC configurations.
+Use the activities in the following table to access certificates in a runbook and DSC configurations.
 
 | Activities | Description |
 |:---|:---|
 |`Get-AutomationCertificate`|Gets a certificate to use in a runbook or DSC configuration. Returns a [System.Security.Cryptography.X509Certificates.X509Certificate2](/dotnet/api/system.security.cryptography.x509certificates.x509certificate2) object.|
 
 > [!NOTE] 
-> You should avoid using variables in the `Name` parameter of `Get-AutomationCertificate` in a runbook or DSC configuration. Use of variables in this parameter  complicates the discovery of dependencies between runbooks or DSC configurations and Automation variables at design time.
+> You should avoid using variables in the `Name` parameter of `Get-AutomationCertificate` in a runbook or DSC configuration. Such variables complicate the discovery of dependencies between runbooks or DSC configurations and Automation variables at design time.
 
-## Python 2 functions
+## Python 2 function
 
-The function in the following table is used to access certificates in a Python 2 runbook.
+Use the function in the following table to access certificates in a Python 2 runbook.
 
 | Function | Description |
 |:---|:---|
@@ -54,18 +54,16 @@ The function in the following table is used to access certificates in a Python 2
 > [!NOTE]
 > You must import the `automationassets` module at the beginning of your Python runbook to access the asset functions.
 
-## Creating a new certificate
+## Create a new certificate
 
-When you create a new certificate, you upload a .cer or .pfx file to Azure Automation. If you mark the certificate as exportable, then you can transfer it out of the Azure Automation certificate store. If it isn't exportable, then it can only be used for signing within the runbook or DSC configuration. Azure Automation requires the certificate to have the provider **Microsoft Enhanced RSA and AES Cryptographic Provider**.
+When you create a new certificate, you upload a .cer or .pfx file to Automation. If you mark the certificate as exportable, then you can transfer it out of the Automation certificate store. If it isn't exportable, then it can only be used for signing within the runbook or DSC configuration. Automation requires the certificate to have the provider **Microsoft Enhanced RSA and AES Cryptographic Provider**.
 
 ### Create a new certificate with the Azure portal
 
-1. From your Automation account, click **Assets** to open the Assets page.
-2. Select **Certificates** to open the Certificates page.
-3. Click **Add a certificate** at the top of the page.
-4. Type a name for the certificate in the **Name** field.
-5. To browse for a **.cer** or **.pfx** file, click **Select a file** under **Upload a certificate file**. If you select a **.pfx**file, specify a password and indicate if it can be exported.
-6. Click **Create** to save the new certificate asset.
+1. From your Automation account, select **Assets** > **Certificates** > **Add a certificate**..
+1. In the **Name** field, type a name for the certificate.
+1. To browse for a **.cer** or **.pfx** file, under **Upload a certificate file**, choose **Select a file**. If you select a **.pfx** file, specify a password and indicate if it can be exported.
+1. Select **Create** to save the new certificate asset.
 
 ### Create a new certificate with PowerShell
 
@@ -82,7 +80,7 @@ New-AzAutomationCertificate -AutomationAccountName "MyAutomationAccount" -Name $
 
 ### Create a new certificate with a Resource Manager template
 
-The following example demonstrates how to deploy a certificate to your Automation account using a Resource Manager template through PowerShell:
+The following example demonstrates how to deploy a certificate to your Automation account by using a Resource Manager template through PowerShell:
 
 ```powershell-interactive
 $AutomationAccountName = "<automation account name>"
@@ -123,9 +121,9 @@ $json | out-file .\template.json
 New-AzResourceGroupDeployment -Name NewCert -ResourceGroupName TestAzureAuto -TemplateFile .\template.json
 ```
 
-## Using a certificate
+## Use a certificate
 
-To use a certificate, use the `Get-AutomationCertificate` activity. You can't use the [Get-AzAutomationCertificate](https://docs.microsoft.com/powershell/module/Az.Automation/Get-AzAutomationCertificate?view=azps-3.7.0) cmdlet, since it returns information about the certificate asset but not the certificate itself.
+To use a certificate, use the `Get-AutomationCertificate` activity. You can't use the [Get-AzAutomationCertificate](https://docs.microsoft.com/powershell/module/Az.Automation/Get-AzAutomationCertificate?view=azps-3.7.0) cmdlet. This cmdlet returns information about the certificate asset, but not the certificate itself.
 
 ### Textual runbook example
 
@@ -141,17 +139,17 @@ Add-AzureCertificate -ServiceName $serviceName -CertToDeploy $cert
 
 ### Graphical runbook example
 
-Add a `Get-AutomationCertificate` activity to a graphical runbook by right-clicking on the certificate in the Library pane and selecting **Add to canvas**.
+Add a `Get-AutomationCertificate` activity to a graphical runbook by right-clicking on the certificate in the **Library** pane, and selecting **Add to canvas**.
 
-![Add certificate to the canvas](../media/certificates/automation-certificate-add-to-canvas.png)
+![Screenshot of adding a certificate to the canvas](../media/certificates/automation-certificate-add-to-canvas.png)
 
 The following image shows an example of using a certificate in a graphical runbook. This is the same as the preceding example that shows how to add a certificate to a cloud service from a textual runbook.
 
-![Example Graphical Authoring](../media/certificates/graphical-runbook-add-certificate.png)
+![Screenshot of an example of graphical authoring](../media/certificates/graphical-runbook-add-certificate.png)
 
 ### Python 2 example
 
-The following example shows how to access certificates in Python2 runbooks.
+The following example shows how to access certificates in Python 2 runbooks.
 
 ```python
 # get a reference to the Azure Automation certificate
@@ -163,4 +161,4 @@ print cert
 
 ## Next steps
 
-- To learn more about working with links to control the logical flow of activities performed by your runbook, see [Links in graphical authoring](../automation-graphical-authoring-intro.md#links-and-workflow). 
+To learn more about working with links to control the logical flow of activities performed by your runbook, see [Links in graphical authoring](../automation-graphical-authoring-intro.md#links-and-workflow).