Merge pull request #256006 from MicrosoftDocs/main

10/24/2023 AM Publish

Author: Taojunshen

articles/app-service/deploy-configure-credentials.md

@@ -85,6 +85,7 @@ For [local Git deployment](deploy-local-git.md), you can also use the [az webapp
 ```azurecli-interactive
 az webapp deployment list-publishing-credentials --resource-group <group-name> --name <app-name> --query scmUri
 ```
+Note that the returned Git remote URI doesn't contain `/<app-name>.git` at the end. When you add the remote URI, make sure to append `/<app-name>.git` to avoid an error 22 with `git-http-push`. Additionally, when using `git remote add ... ` via shells that use the dollar sign for variable interpolation (such as bash), escape any dollar signs (`\$`) in the username or password. Failure to escape this character can result in authentication errors.
 
 # [Azure PowerShell](#tab/powershell)
 

articles/app-service/deploy-ftp.md

@@ -115,9 +115,11 @@ Possible values for `--ftps-state` are `AllAllowed` (FTP and FTPS enabled), `Dis
 
 ## Troubleshoot FTP deployment
 
-- [How can I troubleshoot FTP deployment?](#how-can-i-troubleshoot-ftp-deployment)
-- [I'm not able to FTP and publish my code. How can I resolve the issue?](#im-not-able-to-ftp-and-publish-my-code-how-can-i-resolve-the-issue)
-- [How can I connect to FTP in Azure App Service via passive mode?](#how-can-i-connect-to-ftp-in-azure-app-service-via-passive-mode)
+ - [How can I troubleshoot FTP deployment?](#how-can-i-troubleshoot-ftp-deployment)
+ - [I'm not able to FTP and publish my code. How can I resolve the issue?](#im-not-able-to-ftp-and-publish-my-code-how-can-i-resolve-the-issue)
+ - [How can I connect to FTP in Azure App Service via passive mode?](#how-can-i-connect-to-ftp-in-azure-app-service-via-passive-mode)
+ - [Why is my connection failing when attempting to connect over FTPS using explicit encryption?](#why-is-my-connection-failing-when-attempting-to-connect-over-ftps-using-explicit-encryption)
+ - [How can I determine the method that was used to deploy my Azure App Service?](#how-can-i-determine-the-method-that-was-used-to-deploy-my-azure-app-service)
 
 #### How can I troubleshoot FTP deployment?
 
@@ -138,7 +140,21 @@ Check that you've entered the correct [hostname](#get-ftps-endpoint) and [creden
 #### How can I connect to FTP in Azure App Service via passive mode?
 Azure App Service supports connecting via both Active and Passive mode. Passive mode is preferred because your deployment machines are usually behind a firewall (in the operating system or as part of a home or business network). See an [example from the WinSCP documentation](https://winscp.net/docs/ui_login_connection). 
 
-### How can I determine the method that was used to deploy my Azure App Service?
+#### Why is my connection failing when attempting to connect over FTPS using explicit encryption?
+FTPS allows establishing the TLS secure connection in either an Explicit or Implicit way.
+ - If you are connecting in an Implicit way, the connection is established via port 990.
+ - If you are connecting in an Explicit way, the connection is established via port 21.
+
+
+One thing to be aware that can affect your connection success is the URL used, this will depend on the Client Application used. 
+The portal will have just the URL as "ftps://" and you might need to change this.
+ - If the URL used starts with "ftp://", the connection is implied to be on port 21.
+ - If it starts with "ftps://", the connection is implied to be Implicit and on port 990. 
+
+ Make sure to not mix both, such as attempting to connect to "ftps://" and using port 21, as it will fail to connect, even if you wish to do Explicit encryption.
+ The reason for this is due to an Explicit connection starting as a plain FTP connection before the AUTH method.
+
+#### How can I determine the method that was used to deploy my Azure App Service?
 Let us say you take over owning an app and you wish to find out how the Azure App Service was deployed so you can make changes and deploy them. You can determine how an Azure App Service was deployed by checking the application settings. If the app was deployed using an external package URL, you will see the WEBSITE_RUN_FROM_PACKAGE setting in the application settings with a URL value. Or if it was deployed using zip deploy, you will see the WEBSITE_RUN_FROM_PACKAGE setting with a value of 1. If the app was deployed using Azure DevOps, you will see the deployment history in the Azure DevOps portal. If Azure Functions Core Tools was used, you will see the deployment history in the Azure portal.
 
 ## More resources

articles/application-gateway/application-gateway-faq.yml

@@ -140,7 +140,7 @@ sections:
         answer: No. Application Gateway V2 doesn't support proxying requests with NTLM or Kerberos authentication.
 
       - question: Why are some header values not present when requests are forwarded to my application?
-        answer: Request header names can contain alphanumeric characters and hyphens. Request header names containing other characters are discarded when a request is sent to the backend target. Response header names can contain any alphanumeric characters and specific symbols as defined in [RFC 7230](https://tools.ietf.org/html/rfc7230#page-27), except for underscores (\_).
+        answer: Request header names can contain alphanumeric characters and hyphens. Request header names containing other characters are discarded when a request is sent to the backend target. Response header names can contain any alphanumeric characters and specific symbols as defined in [RFC 7230](https://tools.ietf.org/html/rfc7230#page-27).
 
       - question: Does Application Gateway affinity cookie support SameSite attribute?
         answer: |

articles/azure-arc/vmware-vsphere/administer-arc-vmware.md

@@ -10,7 +10,7 @@ ms.custom: devx-track-azurecli
 
 # Perform ongoing administration for Arc-enabled VMware vSphere
 
-In this article, you'll learn how to perform various administrative operations related to Azure Arc-enabled VMware vSphere (preview):
+In this article, you learn how to perform various administrative operations related to Azure Arc-enabled VMware vSphere (preview):
 
 - Upgrading the Azure Arc resource bridge (preview)
 - Updating the credentials
@@ -23,7 +23,7 @@ Each of these operations requires either SSH key to the resource bridge VM or th
 Azure Arc-enabled VMware vSphere requires the Arc resource bridge to connect your VMware vSphere environment with Azure. Periodically, new images of Arc resource bridge will be released to include security and feature updates.
 
 > [!NOTE]
-> To upgrade the Arc resource bridge VM to the latest version, you will need to perform the onboarding again with the **same resource IDs**. This will cause some downtime as operations performed through Arc during this time might fail.
+> To upgrade the Arc resource bridge VM to the latest version, you need to perform the onboarding again with the **same resource IDs**. This will cause some downtime as operations performed through Arc during this time might fail.
 
 To upgrade to the latest version of the resource bridge, perform the following steps:
 
@@ -77,7 +77,7 @@ az account set -s <subscription id>
 az arcappliance get-credentials -n <name of the appliance> -g <resource group name> 
 az arcappliance update-infracredentials vmware --kubeconfig kubeconfig
 ```
-For more details on the commands see [`az arcappliance get-credentials`](/cli/azure/arcappliance#az-arcappliance-get-credentials) and [`az arcappliance update-infracredentials vmware`](/cli/azure/arcappliance/update-infracredentials#az-arcappliance-update-infracredentials-vmware).
+For more details on the commands, see [`az arcappliance get-credentials`](/cli/azure/arcappliance#az-arcappliance-get-credentials) and [`az arcappliance update-infracredentials vmware`](/cli/azure/arcappliance/update-infracredentials#az-arcappliance-update-infracredentials-vmware).
 
 
 To update the credentials used by the VMware cluster extension on the resource bridge. This command can be run from anywhere with `connectedvmware` CLI extension installed.