Incorp, round 1

KennedyDMSFT · KennedyDMSFT · commit 1c1463a68019 · 2023-02-23T08:44:04.000-08:00
diff --git a/articles/iot-hub/.openpublishing.redirection.iot-hub.json b/articles/iot-hub/.openpublishing.redirection.iot-hub.json
@@ -1116,7 +1116,7 @@
     {
       "source_path_from_root": "/articles/iot-hub/tutorial-x509-scripts.md",
       "redirect_url": "/azure/iot-hub/tutorial-x509-openssl",
-      "redirect_document_id": true
+      "redirect_document_id": false
     }
   ]
 }
diff --git a/articles/iot-hub/tutorial-x509-openssl.md b/articles/iot-hub/tutorial-x509-openssl.md
@@ -14,16 +14,16 @@ ms.custom: [mvc, 'Role: Cloud Development', 'Role: Data Analytics']
 
 # Tutorial: Use OpenSSL to create test certificates
 
-Although you can purchase X.509 certificates from a trusted certification authority, creating your own test certificate hierarchy is adequate for testing IoT Hub device authentication. 
+For production environments, we recommend that you purchase an X.509 CA certificate from a public root certificate authority (CA). However, creating your own test certificate hierarchy is adequate for testing IoT Hub device authentication. For more information about getting an X.509 CA certificate from a public root CA, see the [Get an X.509 CA certificate](iot-hub-x509ca-overview.md#get-an-x509-ca-certificate) section of [Authenticate devices using X.509 CA certificates](iot-hub-x509ca-overview.md).
 
-The following example uses [OpenSSL](https://www.openssl.org/) and the [OpenSSL Cookbook](https://www.feistyduck.com/library/openssl-cookbook/online/ch-openssl.html) to create a certification authority (CA), a subordinate CA, and a device certificate. The example then signs the subordinate CA and the device certificate into a certificate hierarchy. This example is presented for demonstration purposes only.
+The following example uses [OpenSSL](https://www.openssl.org/) and the [OpenSSL Cookbook](https://www.feistyduck.com/library/openssl-cookbook/online/ch-openssl.html) to create a certificate authority (CA), a subordinate CA, and a device certificate. The example then signs the subordinate CA and the device certificate into a certificate hierarchy. This example is presented for demonstration purposes only.
 
 >[!NOTE]
 >Microsoft provides PowerShell and Bash scripts to help you understand how to create your own X.509 certificates and authenticate them to an IoT hub. The scripts are included with the [Azure IoT Hub Device SDK for C](https://github.com/Azure/azure-iot-sdk-c). The scripts are provided for demonstration purposes only. Certificates created by them must not be used for production. The certificates contain hard-coded passwords (“1234”) and expire after 30 days. You must use your own best practices for certificate creation and lifetime management in a production environment. For more information, see [Managing test CA certificates for samples and tutorials](https://github.com/Azure/azure-iot-sdk-c/blob/main/tools/CACertificates/CACertificateOverview.md) in the GitHub repository for the [Azure IoT Hub Device SDK for C](https://github.com/Azure/azure-iot-sdk-c).
 
 ## Step 1 - Create the root CA directory structure
 
-Create a directory structure for the certification authority.
+Create a directory structure for the certificate authority.
 
 * The *certs* directory stores new certificates.
 * The *db* directory stores the certificate database.

Original file line number	Diff line number	Diff line change
`@@ -1116,7 +1116,7 @@`
`1116`	`1116`	`{`
`1117`	`1117`	`"source_path_from_root": "/articles/iot-hub/tutorial-x509-scripts.md",`
`1118`	`1118`	`"redirect_url": "/azure/iot-hub/tutorial-x509-openssl",`
`1119`		`- "redirect_document_id": true`
	`1119`	`+ "redirect_document_id": false`
`1120`	`1120`	`}`
`1121`	`1121`	`]`
`1122`	`1122`	`}`