Merge branch 'main' of https://github.com/wchigit/azure-docs-pr into fix-sc-img

Author: wchigit

articles/aks/custom-node-configuration.md

@@ -113,7 +113,7 @@ az aks nodepool add --name mynodepool1 --cluster-name myAKSCluster --resource-gr
 ### [Windows node pools](#tab/windows-node-pools)
 
 ```azurecli
-az aks nodepool add --name mynodepool1 --cluster-name myAKSCluster --resource-group myResourceGroup --os-type Windows --kubelet-config ./windowskubeletconfig.json
+az aks nodepool add --name mynp1 --cluster-name myAKSCluster --resource-group myResourceGroup --os-type Windows --kubelet-config ./windowskubeletconfig.json
 ```
 
 ---

articles/backup/tutorial-restore-files.md

@@ -2,8 +2,8 @@
 title: Tutorial - Restore files to a VM with Azure Backup
 description: Learn how to perform file-level restores on an Azure VM with Backup and Recovery Services.
 ms.topic: tutorial
-ms.date: 01/31/2019
-ms.custom: mvc, devx-track-azurecli
+ms.date: 03/20/2024
+ms.custom: mvc, devx-track-azurecli, engagement-fy24
 author: AbhishekMallick-MS
 ms.author: v-abhmallick
 ---

articles/data-factory/connector-oracle.md

@@ -7,7 +7,7 @@ ms.service: data-factory
 ms.subservice: data-movement
 ms.custom: synapse
 ms.topic: conceptual
-ms.date: 05/15/2024
+ms.date: 05/27/2024
 ms.author: jianleishen
 ---
 
@@ -109,43 +109,43 @@ To enable encryption on Oracle connection, you have two options:
 
 -	To use **Triple-DES Encryption (3DES) and Advanced Encryption Standard (AES)**, on the Oracle server side, go to Oracle Advanced Security (OAS) and configure the encryption settings. For details, see this [Oracle documentation](https://docs.oracle.com/cd/E11882_01/network.112/e40393/asointro.htm#i1008759). The Oracle Application Development Framework (ADF) connector automatically negotiates the encryption method to use the one you configure in OAS when establishing a connection to Oracle.
 
--	To use **TLS**:
+-	To use **TLS**, set up `truststore` for SSL server authentication by applying one of the following three methods:
 
-    1.	Get the TLS/SSL certificate info. Get the Distinguished Encoding Rules (DER)-encoded certificate information of your TLS/SSL cert, and save the output (----- Begin Certificate … End Certificate -----) as a text file.
+    - **Method 1 (recommended)**:
 
-        ```
-        openssl x509 -inform DER -in [Full Path to the DER Certificate including the name of the DER Certificate] -text
-        ```
+        1.	Install the TLS/SSL certificate by importing it into the local certificate store. The built-in Oracle driver is able to load the needed certificate from the certificate store. 
 
-        **Example:** Extract cert info from DERcert.cer, and then save the output to cert.txt.
+        2.	In the service, configure the Oracle connection string with `EncryptionMethod=1`.
 
-        ```
-        openssl x509 -inform DER -in DERcert.cer -text
-        Output:
-        -----BEGIN CERTIFICATE-----
-        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-        XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
-        XXXXXXXXX
-        -----END CERTIFICATE-----
-        ```
-    
-    2.	Build the `keystore` or `truststore`. The following command creates the `truststore` file, with or without a password, in PKCS-12 format.
+    - **Method 2**:
 
-        ```
-        openssl pkcs12 -in [Path to the file created in the previous step] -out [Path and name of TrustStore] -passout pass:[Keystore PWD] -nokeys -export
-        ```
+        1. Get the TLS/SSL certificate information. Get the Distinguished Encoding Rules (DER)-encoded or Privacy Enhanced Mail (PEM)-encoded certificate information of your TLS/SSL cert.
 
-        **Example:** Create a PKCS12 `truststore` file, named MyTrustStoreFile, with a password.
+            ```
+            openssl x509 -inform (DER|PEM) -in [Full Path to the DER/PEM Certificate including the name of the DER/PEM Certificate] -text
+            ```
 
-        ```
-        openssl pkcs12 -in cert.txt -out MyTrustStoreFile -passout pass:ThePWD -nokeys -export  
-        ```
+        2.	In the service, configure the Oracle connection string with `EncryptionMethod=1` and the corresponding `TrustStore` value. For example, `Host=<host>;Port=<port>;Sid=<sid>;User Id=<username>;Password=<password>;EncryptionMethod=1;TrustStore= data:// -----BEGIN CERTIFICATE-----<certificate content>-----END CERTIFICATE-----`
 
-    3.	Place the `truststore` file on the self-hosted IR machine. For example, place the file at C:\MyTrustStoreFile.
-    4.	In the service, configure the Oracle connection string with `EncryptionMethod=1` and the corresponding `TrustStore`/`TrustStorePassword`value. For example, `Host=<host>;Port=<port>;Sid=<sid>;User Id=<username>;Password=<password>;EncryptionMethod=1;TrustStore=C:\\MyTrustStoreFile;TrustStorePassword=<trust_store_password>`.
+            >[!Note]
+            >- The value of the `TrustStore` field should be prefixed with `data://`.
+            >- When specifying content for multiple certificates, specify the content of each certificate between `-----BEGIN CERTIFICATE-----` and `-----END CERTIFICATE-----`. The number of dashes (`-----`) should be the same before and after both `BEGIN CERTIFICATE` and `END CERTIFICATE`. For example:<br>
+            >`-----BEGIN CERTIFICATE-----<certificate content 1>-----END CERTIFICATE-----`<br>
+            >`-----BEGIN CERTIFICATE-----<certificate content 2>-----END CERTIFICATE-----`<br>
+            >`-----BEGIN CERTIFICATE-----<certificate content 3>-----END CERTIFICATE-----`
+            > - The `TrustStore` field supports content up to 8192 characters in length.
 
+    - **Method 3**:
+        1. Create the `truststore` file with strong ciphers like AES256.
+        
+            ```
+            openssl pkcs12 -in [Full Path to the DER/PEM Certificate including the name of the DER/PEM Certificate] -out [Path and name of TrustStore] -passout pass:[Keystore PWD] -keypbe AES-256-CBC -certpbe AES-256-CBC -nokeys -export
+            ```
+        2.	Place the `truststore` file on the self-hosted integration runtime machine. For example, place the file at `C:\MyTrustStoreFile`. 
+        
+        3.	In the service, configure the Oracle connection string with `EncryptionMethod=1` and the corresponding `TrustStore`/`TrustStorePassword` value. For example, `Host=<host>;Port=<port>;Sid=<sid>;User Id=<username>;Password=<password>;EncryptionMethod=1;TrustStore=C:\\MyTrustStoreFile;TrustStorePassword=<trust_store_password>`.
+    
+    
 **Example:**
 
 ```json

articles/data-factory/connector-troubleshoot-oracle.md

@@ -6,7 +6,7 @@ author: jianleishen
 ms.service: data-factory
 ms.subservice: data-movement
 ms.topic: troubleshooting
-ms.date: 04/30/2024
+ms.date: 05/27/2024
 ms.author: jianleishen
 ms.custom: has-adal-ref, synapse
 ---
@@ -51,6 +51,35 @@ This article provides suggestions to troubleshoot common problems with the Oracl
         - SHA384 
         - SHA512
 
+## Error code: UserErrorFailedToConnectOdbcSource
+
+There are three error messages associated with this error code. Check the cause and recommendation for each error message correspondingly.
+
+- **Message**: `"Cannot load trust store", or "SSL Handshake Failure reason [error:OA000086:SSL routines::certificate verify failed]"` 
+
+- **Cause**: The `truststore` is not appropriate for OpenSSL 3.0, as the `truststore` file is generated using weak ciphers like RC4, MD5 and SHA1.
+
+- **Recommendation**: You need to re-create the `truststore` using the strong ciphers like AES256. Refer to this [section](connector-oracle.md#linked-service-properties) for details about setting up the TLS connection using `truststore`.
+
+<br>
+
+- **Message**: <br>
+    `SSL Handshake Failure reason[Unknown SSL Error]`  
+    `SSL Handshake Failure reason [error:OA000410:SSL routines::sslv3 alert handshake failure]`
+
+- **Cause**: The server is not configured with strong ciphers for SSL communication. OpenSSL 3.0 should use either TLS 1.0 and higher as it deprecated SSL protocol versions. For example, the server might accept connections with TLS protocol versions until TLS 1.0.
+
+- **Recommendation**: Revise the server configuration to use stronger TLS versions.
+
+<br>
+
+- **Message**: `SSL Handshake Failure reason [error:0A00014D:SSL routines::legacy sigalg disallowed or unsupported].` 
+
+- **Cause**: CryptoProtocolVersion is set to use deprecated TLS protocol versions with OpenSSL 3.0.
+
+- **Recommendation**: Specify the connection string property `CryptoProtocolVersion=TLSv1.2`.
+
+
 ## Related content
 
 For more troubleshooting help, try these resources:

articles/service-connector/concept-region-support.md

@@ -5,7 +5,7 @@ author: maud-lv
 ms.author: malev
 ms.service: service-connector
 ms.topic: conceptual
-ms.date: 10/19/2023
+ms.date: 05/28/2024
 ms.custom: references_regions
 ---
 
@@ -17,36 +17,57 @@ When you connect Cloud services together with Service Connector, the conceptual
 
 If your compute service instance is located in one of the regions that Service Connector supports below, you can use Service Connector to create and manage service connections.
 
-- Australia Central
-- Australia East
-- Australia Southeast
-- Brazil South
-- Canada Central
-- Canada East
-- Central India
-- Central US
-- East Asia
-- East US
-- East US 2
-- France Central
-- Germany West Central
-- Japan East
-- Japan West
-- Korea Central
-- North Central US
-- North Europe
-- Norway East
-- South Africa North
-- South Central US
-- South India
-- UAE North
-- UK South
-- UK West
-- West Central US
-- West Europe
-- West US
-- West US 2
-- West US 3
+| Region               | App Service, Container Apps, <br>Azure Functions, Azure Spring Apps | AKS |
+|----------------------|:-----------------------------------------------------------------:|:-----:|
+| Australia Central    | Yes                                                             | No  |
+| Australia Central 2  | Yes                                                             | No  |
+| Australia East       | Yes                                                             | Yes |
+| Australia Southeast  | Yes                                                             | Yes |
+| Brazil South         | Yes                                                             | Yes |
+| Brazil Southeast     | Yes                                                             | No  |
+| Canada Central       | Yes                                                             | Yes |
+| Canada East          | Yes                                                             | Yes |
+| Central India        | Yes                                                             | Yes |
+| Central US           | Yes                                                             | Yes |
+| Central US EUAP      | Yes                                                             | No  |
+| East Asia            | Yes                                                             | Yes |
+| East US              | Yes                                                             | Yes |
+| East US 2            | Yes                                                             | Yes |
+| East US 2 EUAP       | Yes                                                             | No  |
+| France Central       | Yes                                                             | Yes |
+| France South         | Yes                                                             | No  |
+| Germany North        | Yes                                                             | No  |
+| Germany West Central | Yes                                                             | Yes |
+| Japan East           | Yes                                                             | Yes |
+| Japan West           | Yes                                                             | Yes |
+| Jio India Central    | Yes                                                             | No  |
+| Jio India West       | Yes                                                             | No  |
+| Korea Central        | Yes                                                             | Yes |
+| Korea South          | Yes                                                             | No  |
+| North Central US     | Yes                                                             | Yes |
+| North Europe         | Yes                                                             | Yes |
+| Norway East          | Yes                                                             | Yes |
+| Norway West          | Yes                                                             | No  |
+| Qatar Central        | Yes                                                             | No  |
+| South Africa North   | Yes                                                             | Yes |
+| South Africa West    | Yes                                                             | No  |
+| South Central US     | Yes                                                             | Yes |
+| Southeast Asia       | Yes                                                             | Yes |
+| South India          | Yes                                                             | Yes |
+| Sweden Central       | Yes                                                             | Yes |
+| Sweden South         | Yes                                                             | No  |
+| Switzerland North    | Yes                                                             | Yes |
+| Switzerland West     | Yes                                                             | No  |
+| UAE Central          | Yes                                                             | No  |
+| UAE North            | Yes                                                             | Yes |
+| UK South             | Yes                                                             | Yes |
+| UK West              | Yes                                                             | Yes |
+| West Central US      | Yes                                                             | Yes |
+| West Europe          | Yes                                                             | Yes |
+| West India           | Yes                                                             | No  |
+| West US              | Yes                                                             | Yes |
+| West US 2            | Yes                                                             | Yes |
+| West US 3            | Yes                                                             | Yes |
 
 ## Regions not supported