MicrosoftDocs
diff --git a/‎articles/iot-dps/quick-enroll-device-x509.md
Lines changed: 10 additions & 10 deletions b/‎articles/iot-dps/quick-enroll-device-x509.md
Lines changed: 10 additions & 10 deletions
@@ -41,7 +41,7 @@ This article shows you how to programmatically create an [enrollment group](conc
 
 :::zone pivot="programming-language-java"
 
-* [Java SE Development Kit 8](/azure/developer/java/fundamentals/java-support-on-azure). This article installs the [Java Service SDK](https://azure.github.io/azure-iot-sdk-java/master/service/) below. It works on both Windows and Linux. This article uses Windows.
+* [Java SE Development Kit 8](/azure/developer/java/fundamentals/java-support-on-azure). This article uses the [Azure IoT SDK for Java](https://azure.github.io/azure-iot-sdk-java/master/service/), which works on both Windows and Linux. This article uses Windows.
 
 * [Maven 3](https://maven.apache.org/download.cgi).
 
@@ -54,21 +54,21 @@ This article shows you how to programmatically create an [enrollment group](conc
 
 ## Create test certificates
 
-Enrollment groups that use X.509 certificate attestation can be configured to use a root CA certificate or an intermediate certificate. The more usual case is to configure the enrollment group with an intermediate certificate. This provides more flexibility as multiple intermediate certificates can be generated or revoked by the same root CA certificate.
+Enrollment groups that use X.509 certificate attestation can be configured to use a root CA certificate or an intermediate certificate. The more usual case is to configure the enrollment group with an intermediate certificate. Using an intermediate certificate provides more flexibility as multiple intermediate certificates can be generated or revoked by the same root CA certificate.
 
-For this article, you'll need either a root CA certificate file, an intermediate CA certificate file, or both in *.pem* or *.cer* format. One file contains the public portion of the root CA X.509 certificate and the other contains the public portion of the intermediate CA X.509 certificate.
+For this article, you need either a root CA certificate file, an intermediate CA certificate file, or both in *.pem* or *.cer* format. One file contains the public portion of the root CA X.509 certificate and the other contains the public portion of the intermediate CA X.509 certificate.
 
 If you already have a root CA file and/or an intermediate CA file, you can continue to [Add and verify your root or intermediate CA certificate](#add-and-verify-your-root-or-intermediate-ca-certificate).
 
-If you don't have a root CA file and/or an intermediate CA file, follow the steps in [Create an X.509 certificate chain](tutorial-custom-hsm-enrollment-group-x509.md?tabs=windows#create-an-x509-certificate-chain) to create them. You can stop after you complete the steps in [Create the intermediate CA certificate](tutorial-custom-hsm-enrollment-group-x509.md?tabs=windows#create-the-intermediate-ca-certificate) as you won't need device certificates to complete the steps in this article. When you're finished, you'll have two X.509 certificate files: *./certs/azure-iot-test-only.root.ca.cert.pem* and *./certs/azure-iot-test-only.intermediate.cert.pem*.
+If you don't have a root CA file and/or an intermediate CA file, follow the steps in [Create an X.509 certificate chain](tutorial-custom-hsm-enrollment-group-x509.md?tabs=windows#create-an-x509-certificate-chain) to create them. You can stop after you complete the steps in [Create the intermediate CA certificate](tutorial-custom-hsm-enrollment-group-x509.md?tabs=windows#create-the-intermediate-ca-certificate) as you don't need device certificates to complete the steps in this article. When you're finished, you have two X.509 certificate files: *./certs/azure-iot-test-only.root.ca.cert.pem* and *./certs/azure-iot-test-only.intermediate.cert.pem*.
 
 ## Add and verify your root or intermediate CA certificate
 
 Devices that provision through an enrollment group using X.509 certificates, present the entire certificate chain when they authenticate with DPS. For DPS to be able to validate the certificate chain, the root or intermediate certificate configured in an enrollment group must either be a verified certificate or must roll up to a verified certificate in the certificate chain a device presents when it authenticates with the service.
 
 For this article, assuming you have both a root CA certificate and an intermediate CA certificate signed by the root CA:
 
-* If you plan on creating the enrollment group with the root CA certificate, you'll need to upload and verify the root CA certificate. 
+* If you plan on creating the enrollment group with the root CA certificate, you need to upload and verify the root CA certificate. 
 
 * If you plan on creating the enrollment group with the intermediate CA certificate, you can upload and verify either the root CA certificate or the intermediate CA certificate. (If you have multiple intermediate CA certificates in the certificate chain, you could, alternatively, upload and verify any intermediate certificate that sits between the root CA certificate and the intermediate certificate that you create the enrollment group with.)
 
@@ -94,7 +94,7 @@ To add and verify your root or intermediate CA certificate to the Device Provisi
 
 ## Get the connection string for your provisioning service
 
-For the sample in this article, you'll need to copy the connection string for your provisioning service.
+For the sample in this article, you need the connection string for your provisioning service. Use the following steps to retrieve it.
 
 1. Sign in to the [Azure portal](https://portal.azure.com).
 
@@ -134,7 +134,7 @@ This section shows you how to create a .NET Core console application that adds a
 
 1. Open *Program.cs* file in an editor.
 
-1. Replace the namespace statement at the top of the file with the following:
+1. Replace the namespace statement at the top of the file with the following line:
 
     ```csharp
     namespace CreateEnrollmentGroup;
@@ -310,7 +310,7 @@ This section shows you how to create a Node.js script that adds an enrollment gr
             "-----END CERTIFICATE-----";
     ```
 
-    Updating this string value manually can be prone to error. To generate the proper syntax, you can copy and paste the following command into a **Git Bash** prompt, replace `your-cert.pem` with the location of your certificate file, and press **ENTER**. This command will generate the syntax for the `PUBLIC_KEY_CERTIFICATE_STRING` string constant value and write it to the output.
+    Updating this string value manually can be prone to error. To generate the proper syntax, you can copy and paste the following command into a **Git Bash** prompt, replace `your-cert.pem` with the location of your certificate file, and press **ENTER**. This command generates the syntax for the `PUBLIC_KEY_CERTIFICATE_STRING` string constant value and writes it to the output.
 
     ```bash
     sed 's/^/"/;$ !s/$/\\n" +/;$ s/$/"/' your-cert.pem
@@ -324,7 +324,7 @@ This section shows you how to create a Node.js script that adds an enrollment gr
     > * Hard-coding the connection string for the provisioning service administrator is against security best practices. Instead, the connection string should be held in a secure manner, such as in a secure configuration file or in the registry.
     > * Be sure to upload only the public part of the signing certificate. Never upload .pfx (PKCS12) or .pem files containing private keys to the provisioning service.
 
-1. The sample allows you to set an IoT hub in the enrollment group to provision the device to. This must be an IoT hub that has been previously linked to the provisioning service. For this article, we'll let DPS choose from the linked hubs according to the default allocation policy, evenly-weighted distribution. Comment out the following statement in the file:
+1. The sample allows you to set an IoT hub in the enrollment group to provision the device to. This must be an IoT hub that has been previously linked to the provisioning service. For this article, we let DPS choose from the linked hubs according to the default allocation policy, evenly weighted distribution. Comment out the following statement in the file:
 
     ```Java
     enrollmentGroup.setIotHubHostName(IOTHUB_HOST_NAME);                // Optional parameter.
@@ -378,7 +378,7 @@ This section shows you how to create a Node.js script that adds an enrollment gr
 
     This command downloads the [Azure IoT DPS service client Maven package](https://mvnrepository.com/artifact/com.microsoft.azure.sdk.iot.provisioning/provisioning-service-client) to your machine and builds the sample. This package includes the binaries for the Java service SDK.
 
-1. Switch to the *target* folder and run the sample. Be aware that the build in the previous step outputs .jar file in the *target* folder with the following file format: `provisioning-x509-sample-{version}-with-deps.jar`; for example: `provisioning-x509-sample-1.8.1-with-deps.jar`. You may need to replace the version in the command below.
+1. Switch to the *target* folder and run the sample. The build in the previous step outputs .jar file in the *target* folder with the following file format: `provisioning-x509-sample-{version}-with-deps.jar`; for example: `provisioning-x509-sample-1.8.1-with-deps.jar`. You may need to replace the version in the command below.
 
     ```cmd\sh
     cd target