redirect-acrolinx

Author: shlipsey3

.openpublishing.redirection.active-directory.json

@@ -4256,6 +4256,11 @@
       "redirect_url": "/azure/active-directory/external-identities/user-token",
       "redirect_document_id": true
     },
+    {
+      "source_path_from_root": "/articles/active-directory/fundamentals/certificate-authorities.md",
+      "redirect_url": "/azure/security/fundamentals/azure-CA-details",
+      "redirect_document_id": true
+    },
     {
       "source_path_from_root": "/articles/active-directory/b2b/what-is-b2b.md",
       "redirect_url": "/azure/active-directory/external-identities/what-is-b2b",

articles/active-directory/fundamentals/certificate-authorities.md

@@ -14,11 +14,11 @@ ms.reviewer: quentinb
 
 # Azure Certificate Authority details
 
-This article provides the details of the root and subordinate Certificate Authorities (CAs) utilized by Azure. The scope includes government and national clouds. The minimum requirements for public key encryption and signature algorithms, links to certificate downloads and revocation lists, and information about key concepts are provided below the CA details tables. The host names for the URIs that should be added to your firewall allow lists are also provided.
+This article provides the details of the root and subordinate Certificate Authorities (CAs) utilized by Azure. The scope includes government and national clouds. The minimum requirements for public key encryption and signature algorithms, links to certificate downloads and revocation lists, and information about key concepts are provided below the CA details tables. The host names for the URIs that should be added to your firewall allowlists are also provided.
 
 ## Certificate Authority details
 
-Any entity trying to access Azure Active Directory (Azure AD) identity services via the TLS/SSL protocols will be presented with certificates from the CAs listed below. Different services may use different root or intermediate CAs. The following root and subordinate CAs are relevant to entities that use [certificate pinning](certificate-pinning.md).
+Any entity trying to access Azure Active Directory (Azure AD) identity services via the TLS/SSL protocols will be presented with certificates from the CAs listed in this article. Different services may use different root or intermediate CAs. The following root and subordinate CAs are relevant to entities that use [certificate pinning](certificate-pinning.md).
 
 
 **How to read the certificate details:**
@@ -251,7 +251,7 @@ Microsoft updated Azure services to use TLS certificates from a different set of
 
 ### Article change log
 
-- February 7, 2023: Added 8 new subordinate Certificate Authorities
+- February 7, 2023: Added eight new subordinate Certificate Authorities
 - March 1, 2023: Provided timelines for upcoming sub CA expiration
 
 ## Next steps

articles/security/fundamentals/azure-CA-details.md

@@ -26,7 +26,7 @@ For several years, certificate pinning was considered good security practice. Ov
 
 ## How to address certificate pinning in your application
 
-Typically, an application will contain a list of authorized certificates or properties of certificates including Subject Distinguished Names, thumbprints, serial numbers, and public keys. Applications may pin against individual leaf or end-entity certificates, subordinate CA certificates, or even Root CA certificates.
+Typically, an application contains a list of authorized certificates or properties of certificates including Subject Distinguished Names, thumbprints, serial numbers, and public keys. Applications may pin against individual leaf or end-entity certificates, subordinate CA certificates, or even Root CA certificates.
 
 If your application explicitly specifies a list of acceptable CAs, you may periodically need to update pinned certificates when Certificate Authorities change or expire. To detect certificate pinning, we recommend the taking the following steps: