Merge branch 'MicrosoftDocs:main' into vameru/updating-linespacing-examples

Author: vrdmr

articles/active-directory/manage-apps/application-management-certs-faq.md

@@ -8,7 +8,7 @@ ms.service: active-directory
 ms.subservice: app-mgmt
 ms.workload: identity
 ms.topic: reference
-ms.date: 03/19/2021
+ms.date: 03/03/2023
 ms.author: jomondi
 ms.reviewer: sureshja, saumadan
 ---
@@ -48,6 +48,13 @@ The owner of the application or Global Administrator or Application Administrato
 
 In Azure AD, you can set up certificate signing options and the certificate signing algorithm. To learn more, see [Advanced SAML token certificate signing options for Azure AD apps](certificate-signing-options.md).
 
+## What type of certificate can I use for configuring the SAML Certificate for single sign-on?
+
+The recommendation for the SAML single sign-on certificate depends on your organization's security requirements and policies. 
+If your organization has an internal certificate authority (PKI), using a certificate from the internal PKI can provide a higher level of security and trust. This is because the internal PKI is under the control of your organization and can be managed and monitored to ensure the security of the certificate.
+
+On the other hand, if your organization doesn't have an internal certificate authority, using a certificate from an external certificate authority such as DigiCert can provide a higher level of trust and security. This is because external certificate authorities are trusted by many organizations and are subject to strict security and validation requirements.
+
 ## I need to replace the certificate for Azure AD Application Proxy applications and need more instructions
 
 To replace certificates for Azure AD Application Proxy applications, see [PowerShell sample - Replace certificate in Application Proxy apps](../app-proxy/scripts/powershell-get-custom-domain-replace-cert.md).

articles/active-directory/saas-apps/leandna-tutorial.md

@@ -9,7 +9,7 @@ ms.service: active-directory
 ms.subservice: saas-app-tutorial
 ms.workload: identity
 ms.topic: how-to
-ms.date: 02/16/2023
+ms.date: 03/10/2023
 ms.author: jeedes
 
 ---
@@ -77,7 +77,7 @@ Complete the following steps to enable Azure AD single sign-on in the Azure port
     `https://www.leandna.com/application/sso.html`
 
     > [!Note]
-    > These values are not real. Update these values with the actual Identifier and Reply URL. Contact [LeanDNA Client support team](mailto:it@leandna.com) to get these values. You can also refer to the patterns shown in the **Basic SAML Configuration** section in the Azure portal.
+    > These values are not real. Update these values with the actual Identifier and Reply URL. Contact [LeanDNA Client support team](mailto:support@leandna.com) to get these values. You can also refer to the patterns shown in the **Basic SAML Configuration** section in the Azure portal.
 
 1. On the **Set-up single sign-on with SAML** page, in the **SAML Signing Certificate** section,  find **Federation Metadata XML** and select **Download** to download the certificate and save it on your computer.
 
@@ -89,11 +89,11 @@ Complete the following steps to enable Azure AD single sign-on in the Azure port
 
 ## Configure LeanDNA SSO
 
-To configure single sign-on on **LeanDNA** side, you need to send the downloaded **Federation Metadata XML** and appropriate copied URLs from Azure portal to [LeanDNA support team](mailto:it@leandna.com). They set this setting to have the SAML SSO connection set properly on both sides.
+To configure single sign-on on **LeanDNA** side, you need to send the downloaded **Federation Metadata XML** and appropriate copied URLs from Azure portal to [LeanDNA support team](mailto:support@leandna.com). They set this setting to have the SAML SSO connection set properly on both sides.
 
 ### Create LeanDNA test user
 
-In this section, you create a user called Britta Simon at LeanDNA. Work with [LeanDNA support team](mailto:it@leandna.com) to add the users in the LeanDNA platform. Users must be created and activated before you use single sign-on.
+In this section, you create a user called Britta Simon at LeanDNA. Work with [LeanDNA support team](mailto:support@leandna.com) to add the users in the LeanDNA platform. Users must be created and activated before you use single sign-on.
 
 ## Test SSO