required cert list added

kgremban · kgremban · commit 796e97fd407e · 2020-04-09T17:15:11.000-07:00
diff --git a/articles/iot-edge/how-to-auto-provision-x509-certs.md b/articles/iot-edge/how-to-auto-provision-x509-certs.md
@@ -40,6 +40,12 @@ Device identity certificates are only used for provisioning the IoT Edge device
 
 After you create the device identity certificate, you should have two files: a .cer or .pem file that contains the public portion of the certificate, and a .cer or .pem file with the private key of the certificate. If you plan to use group enrollment in DPS, you also need the public portion of an intermediate or root CA certificate in the same certificate chain of trust.
 
+You need the following files to set up automatic provisioning with X.509:
+
+* The device identity certificate and its private key certificate. The device identity certificate is uploaded to DPS if you create an individual enrollment. The private key is passed to the IoT Edge runtime.
+* A full chain certificate, which should have at least the device identity and the intermediate certificates in it. The full chain certificate is passed to the IoT Edge runtime.
+* An intermediate or root CA certificate from the certificate chain of trust. This certificate is uploaded to DPS if you create a group enrollment.
+
 ### Use test certificates
 
 If you don't have a certificate authority available to create new identity certs and want to try out this scenario, the Azure IoT Edge git repository contains scripts that you can use to generate test certificates. These certificates are designed for development testing only, and must not be used in production.
