adjust terms, indent images

Author: GitHubber17

articles/spring-cloud/spring-cloud-tutorial-custom-domain.md

@@ -16,7 +16,7 @@ Certificates encrypt web traffic. These TLS/SSL certificates can be stored in Az
 ## Prerequisites
 * An application deployed to Azure Spring Cloud (see [Quickstart: Launch an existing Azure Spring Cloud application using the Azure portal](spring-cloud-quickstart-launch-app-portal.md), or use an existing app).
 * A domain name with access to the DNS registry for domain provider such as GoDaddy.
-* A private certificate (e.g. your self-signed certificate) from a third-party provider. The certificate must match the domain.
+* A private certificate (that is, your self-signed certificate) from a third-party provider. The certificate must match the domain.
 * A deployed instance of [Azure Key Vault](https://docs.microsoft.com/azure/key-vault/key-vault-overview)
 
 ## Import certificate 
@@ -31,36 +31,39 @@ To upload your certificate to key vault:
 1. Under **Password**, enter the private key for your certificate.
 1. Click **Create**.
 
-![Import certificate 1](./media/custom-dns-tutorial/import-certificate-a.png)
+    ![Import certificate 1](./media/custom-dns-tutorial/import-certificate-a.png)
 
 To import certificate to Azure Spring Cloud:
 1. Go to your service instance. 
 1. From the left navigation pane of your app, select **TLS/SSL settings**.
 1. Then click **Import Key Vault Certificate**.
 
-![Import certificate](./media/custom-dns-tutorial/import-certificate.png)
+    ![Import certificate](./media/custom-dns-tutorial/import-certificate.png)
+
+Or, you can use the Azure CLI to import the certificate:
 
-Or using CLI to import certificate:
 ```
 az spring-cloud certificate add --name <cert name> --vault-uri <key vault uri> --vault-certificate-name <key vault cert name>
 ```
->[!IMPORTANT] 
-> Please ensure you grant Azure Spring Cloud to access your key vault before executing the above import certificate CLI. If you haven't, please execute the follow CLI to grant the access right.
+
+> [!IMPORTANT] 
+> Ensure you grant Azure Spring Cloud access to your key vault before you execute the previous import certificate command. If you haven't, you can execute the following command to grant the access rights.
 
 ```
 az keyvault set-policy -g <key vault resource group> -n <key vault name>  --object-id 938df8e2-2b9d-40b1-940c-c75c33494239 --certificate-permissions get list
 ``` 
 
-When you have successfully imported your certificate, you'll see it on the list of **Private Key Certificates**.
+When you have successfully imported your certificate, you'll see it in the list of **Private Key Certificates**.
 
 ![Private key certificate](./media/custom-dns-tutorial/key-certificates.png)
 
-Or using CLI to show a list of certificates:
+Or, you can use the Azure CLI to show a list of certificates:
+
 ```
 az spring-cloud certificate list
 ```
 
->[!IMPORTANT] 
+> [!IMPORTANT] 
 > To secure a custom domain with this certificate, you still need to bind the certificate to a specific domain. Follow the steps in this document under the heading **Add SSL Binding**.
 
 ## Add Custom Domain
@@ -83,15 +86,15 @@ Go to application page.
 1. Select **Custom Domain**.
 2. Then **Add Custom Domain**. 
 
-![Custom domain](./media/custom-dns-tutorial/custom-domain.png)
+    ![Custom domain](./media/custom-dns-tutorial/custom-domain.png)
 
 3. Type the fully qualified domain name for which you added a CNAME record, such as www.contoso.com. Make sure that Hostname record type is set to CNAME (<service_name>.azuremicroservices.io)
 4. Click **Validate** to enable the **Add** button.
 5. Click **Add**.
 
-![Add custom domain](./media/custom-dns-tutorial/add-custom-domain.png)
+    ![Add custom domain](./media/custom-dns-tutorial/add-custom-domain.png)
 
-Or using CLI to add a custom domain:
+Or, you can use the Azure CLI to add a custom domain:
 ```
 az spring-cloud app custom-domain bind --domain-name <domain name> --app <app name> 
 ```
@@ -100,22 +103,22 @@ One app can have multiple domains, but one domain can only map to one app. When
 
 ![Custom domain table](./media/custom-dns-tutorial/custom-domain-table.png)
 
-Or using CLI to show a list of custom domains:
+Or, you can use the Azure CLI to show a list of custom domains:
 ```
 az spring-cloud app custom-domain list --app <app name> 
 ```
 
->[!NOTE]
+> [!NOTE]
 > A **Not Secure** label for your custom domain means that it's not yet bound to an SSL certificate. Any HTTPS request from a browser to your custom domain will receive an error or warning.
 
 ## Add SSL binding
 In the custom domain table, select **Add ssl binding** as shown in the previous figure.  
 1. Select your **Certificate** or import it.
 1. Click **Save**.
 
-![Add SSL binding](./media/custom-dns-tutorial/add-ssl-binding.png)
+    ![Add SSL binding](./media/custom-dns-tutorial/add-ssl-binding.png)
 
-Or using CLI to **Add ssl binding**:
+Or, you can use the Azure CLI to **Add ssl binding**:
 ```
 az spring-cloud app custom-domain update --domain-name <domain name> --certificate <cert name> --app <app name> 
 ```
@@ -131,7 +134,7 @@ In your app page, in the left navigation, select **Custom Domain**. Then, set **
 
 ![Add SSL binding](./media/custom-dns-tutorial/enforce-http.png)
 
-Or using CLI to enforce HTTPS:
+Or, you can use the Azure CLI to enforce HTTPS:
 ```
 az spring-cloud app update -name <app-name> --https-only <true|false> -g <resource group> --service <service-name>
 ```
@@ -141,5 +144,5 @@ When the operation is complete, navigate to any of the HTTPS URLs that point to
 ## See also
 * [What is Azure Key Vault?](https://docs.microsoft.com/azure/key-vault/key-vault-overview)
 * [Import a certificate](https://docs.microsoft.com/azure/key-vault/certificate-scenarios#import-a-certificate)
-* [Launch your Spring Cloud App using the Azure CLI](https://docs.microsoft.com/azure/spring-cloud/spring-cloud-quickstart-launch-app-cli)
+* [Launch your Spring Cloud App by using the Azure CLI](https://docs.microsoft.com/azure/spring-cloud/spring-cloud-quickstart-launch-app-cli)