
Commit 9df6ec1

Merge pull request #108666 from TimShererWithAquent/us1679050s
Change SSL to TLS per 1679050
2 parents 362b7ab + 3d54482 commit 9df6ec1

20 files changed

+49
-49
lines changed

articles/active-directory/cloud-provisioning/how-to-prerequisites.md

Lines changed: 1 addition & 1 deletion
Original file line number | Diff line number | Diff line change
@@ -48,7 +48,7 @@ Run the [IdFix tool](https://docs.microsoft.com/office365/enterprise/prepare-dir
4848

4949
| Port number | How it's used |
5050
| --- | --- |
51-
| **80** | Downloads the certificate revocation lists (CRLs) while validating the SSL certificate. |
51+
| **80** | Downloads the certificate revocation lists (CRLs) while validating the TLS/SSL certificate. |
5252
| **443** | Handles all outbound communication with the service. |
5353
| **8080** (optional) | Agents report their status every 10 minutes over port 8080, if port 443 is unavailable. This status is displayed in the Azure AD portal. |
5454
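Review bot: the port 80 row ends with a period here ("...validating the TLS/SSL certificate.") while the identical row in tutorial-existing-forest.md and tutorial-single-forest.md, touched in this same PR, has none. Since all three copies of this port table are being edited, pick one style for the row, and consider sourcing the table from a single shared include so the three copies cannot drift apart again.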

articles/active-directory/cloud-provisioning/tutorial-existing-forest.md

Lines changed: 1 addition & 1 deletion
@@ -38,7 +38,7 @@ In this scenario, there is an existing forest synced using Azure AD Connect sync
3838

3939
| Port number | How it's used |
4040
| --- | --- |
41-
| **80** | Downloads the certificate revocation lists (CRLs) while validating the SSL certificate |
41+
| **80** | Downloads the certificate revocation lists (CRLs) while validating the TLS/SSL certificate |
4242
| **443** | Handles all outbound communication with the service |
4343
| **8080** (optional) | Agents report their status every 10 minutes over port 8080, if port 443 is unavailable. This status is displayed on the Azure AD portal. |
4444

articles/active-directory/cloud-provisioning/tutorial-single-forest.md

Lines changed: 1 addition & 1 deletion
@@ -36,7 +36,7 @@ You can use the environment you create in this tutorial for testing or for getti
3636

3737
| Port number | How it's used |
3838
| --- | --- |
39-
| **80** | Downloads the certificate revocation lists (CRLs) while validating the SSL certificate |
39+
| **80** | Downloads the certificate revocation lists (CRLs) while validating the TLS/SSL certificate |
4040
| **443** | Handles all outbound communication with the service |
4141
| **8080** (optional) | Agents report their status every 10 minutes over port 8080, if port 443 is unavailable. This status is displayed on the Azure AD portal. |
4242

articles/active-directory/hybrid/how-to-connect-azure-ad-trust.md

Lines changed: 1 addition & 1 deletion
@@ -58,7 +58,7 @@ Azure AD connect does not update all settings for Azure AD trust during configur
5858
| Add WAP server | None |
5959
| Device options | Issuance transform rules, IWA for device registration |
6060
| Add federated domain | If the domain is being added for the first time, that is, the setup is changing from single domain federation to multi-domain federation – Azure AD Connect will recreate the trust from scratch. If the trust with Azure AD is already configured for multiple domains, only Issuance transform rules are modified |
61-
| Update SSL | None |
61+
| Update TLS | None |
6262

6363
During all operations, in which, any setting is modified, Azure AD Connect makes a backup of the current trust settings at **%ProgramData%\AADConnect\ADFS**
6464
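Review bot: "Update TLS" drops the "SSL" half that every other hunk in this PR keeps as "TLS/SSL", and this row names an Azure AD Connect wizard task whose label is still given as **Update AD FS SSL certificate** in how-to-connect-fed-ssl-update.md (line 37, unchanged in this PR). If the wizard still shows "SSL", the row should match the UI label, for example `| Update SSL certificate | None |`; if the label is not meant to be quoted literally, use "TLS/SSL" so the term is consistent across the files.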

articles/active-directory/hybrid/how-to-connect-fed-management.md

Lines changed: 3 additions & 3 deletions
@@ -31,7 +31,7 @@ This article describes how to manage and customize Active Directory Federation S
3131
| [Add an AD FS server](#addadfsserver) |How to expand an AD FS farm with an additional AD FS server. |
3232
| [Add an AD FS Web Application Proxy server](#addwapserver) |How to expand an AD FS farm with an additional Web Application Proxy (WAP) server. |
3333
| [Add a federated domain](#addfeddomain) |How to add a federated domain. |
34-
| [Update the SSL certificate](how-to-connect-fed-ssl-update.md)| How to update the SSL certificate for an AD FS farm. |
34+
| [Update the TLS/SSL certificate](how-to-connect-fed-ssl-update.md)| How to update the TLS/SSL certificate for an AD FS farm. |
3535
| **Customize AD FS** | |
3636
| [Add a custom company logo or illustration](#customlogo) |How to customize an AD FS sign-in page with a company logo and illustration. |
3737
| [Add a sign-in description](#addsignindescription) |How to add a sign-in page description. |
@@ -103,7 +103,7 @@ Configuring alternate login ID for AD FS consists of two main steps:
103103

104104
![Certificate password](./media/how-to-connect-fed-management/AddNewADFSServer4.PNG)
105105

106-
![Specify SSL certificate](./media/how-to-connect-fed-management/AddNewADFSServer5.PNG)
106+
![Specify TLS/SSL certificate](./media/how-to-connect-fed-management/AddNewADFSServer5.PNG)
107107

108108
5. On the **AD FS Servers** page, enter the server name or IP address to be added to the AD FS farm.
109109

@@ -131,7 +131,7 @@ Configuring alternate login ID for AD FS consists of two main steps:
131131
3. On the **Specify SSL certificate** page, provide the password for the PFX file that you provided when you configured the AD FS farm with Azure AD Connect.
132132
![Certificate password](./media/how-to-connect-fed-management/WapServer3.PNG)
133133

134-
![Specify SSL certificate](./media/how-to-connect-fed-management/WapServer4.PNG)
134+
![Specify TLS/SSL certificate](./media/how-to-connect-fed-management/WapServer4.PNG)
135135

136136
4. Add the server to be added as a WAP server. Because the WAP server might not be joined to the domain, the wizard asks for administrative credentials to the server being added.
137137
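Review bot: the alt text on line 134 now reads "Specify TLS/SSL certificate" while the step two lines above it (line 131, unchanged) still directs the reader to the **Specify SSL certificate** page. Alt text that describes a screenshot of a wizard page should carry that page's actual title, so either leave the alt text as "Specify SSL certificate" or, if the wizard page itself has been renamed, update line 131 in the same change. The same applies to the alt text on line 106 in the previous hunk.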

articles/active-directory/hybrid/how-to-connect-fed-ssl-update.md

Lines changed: 13 additions & 13 deletions
@@ -1,6 +1,6 @@
11
---
2-
title: Azure AD Connect - Update the SSL certificate for an AD FS farm | Microsoft Docs
3-
description: This document details the steps to update the SSL certificate of an AD FS farm by using Azure AD Connect.
2+
title: Azure AD Connect - Update the TLS/SSL certificate for an AD FS farm | Microsoft Docs
3+
description: This document details the steps to update the TLS/SSL certificate of an AD FS farm by using Azure AD Connect.
44
services: active-directory
55
manager: daveba
66
editor: billmath
@@ -18,12 +18,12 @@ ms.author: billmath
1818
ms.collection: M365-identity-device-management
1919
---
2020

21-
# Update the SSL certificate for an Active Directory Federation Services (AD FS) farm
21+
# Update the TLS/SSL certificate for an Active Directory Federation Services (AD FS) farm
2222

2323
## Overview
24-
This article describes how you can use Azure AD Connect to update the SSL certificate for an Active Directory Federation Services (AD FS) farm. You can use the Azure AD Connect tool to easily update the SSL certificate for the AD FS farm even if the user sign-in method selected is not AD FS.
24+
This article describes how you can use Azure AD Connect to update the TLS/SSL certificate for an Active Directory Federation Services (AD FS) farm. You can use the Azure AD Connect tool to easily update the TLS/SSL certificate for the AD FS farm even if the user sign-in method selected is not AD FS.
2525

26-
You can perform the whole operation of updating SSL certificate for the AD FS farm across all federation and Web Application Proxy (WAP) servers in three simple steps:
26+
You can perform the whole operation of updating TLS/SSL certificate for the AD FS farm across all federation and Web Application Proxy (WAP) servers in three simple steps:
2727

2828
![Three steps](./media/how-to-connect-fed-ssl-update/threesteps.png)
2929

@@ -36,15 +36,15 @@ You can perform the whole operation of updating SSL certificate for the AD FS fa
3636
* **AD FS Farm**: Make sure that your AD FS farm is Windows Server 2012 R2-based or later.
3737
* **Azure AD Connect**: Ensure that the version of Azure AD Connect is 1.1.553.0 or higher. You'll use the task **Update AD FS SSL certificate**.
3838

39-
![Update SSL task](./media/how-to-connect-fed-ssl-update/updatessltask.png)
39+
![Update TLS task](./media/how-to-connect-fed-ssl-update/updatessltask.png)
4040

4141
## Step 1: Provide AD FS farm information
4242

4343
Azure AD Connect attempts to obtain information about the AD FS farm automatically by:
4444
1. Querying the farm information from AD FS (Windows Server 2016 or later).
4545
2. Referencing the information from previous runs, which are stored locally with Azure AD Connect.
4646

47-
You can modify the list of servers that are displayed by adding or removing the servers to reflect the current configuration of the AD FS farm. As soon as the server information is provided, Azure AD Connect displays the connectivity and current SSL certificate status.
47+
You can modify the list of servers that are displayed by adding or removing the servers to reflect the current configuration of the AD FS farm. As soon as the server information is provided, Azure AD Connect displays the connectivity and current TLS/SSL certificate status.
4848

4949
![AD FS server info](./media/how-to-connect-fed-ssl-update/adfsserverinfo.png)
5050
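Review bot: the alt text on line 39 becomes "Update TLS task", but line 37 directly above it (unchanged) tells the reader to use the task **Update AD FS SSL certificate**, and the image file is still updatessltask.png. The screenshot shows that task's label, so the alt text should match it; if a rename is wanted here, use the "TLS/SSL" form used elsewhere in this PR rather than "TLS" alone.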

@@ -55,11 +55,11 @@ If the list contains a server that's no longer part of the AD FS farm, click **R
5555
>[!NOTE]
5656
> Removing a server from the list of servers for an AD FS farm in Azure AD Connect is a local operation and updates the information for the AD FS farm that Azure AD Connect maintains locally. Azure AD Connect doesn't modify the configuration on AD FS to reflect the change.
5757
58-
## Step 2: Provide a new SSL certificate
58+
## Step 2: Provide a new TLS/SSL certificate
5959

60-
After you've confirmed the information about AD FS farm servers, Azure AD Connect asks for the new SSL certificate. Provide a password-protected PFX certificate to continue the installation.
60+
After you've confirmed the information about AD FS farm servers, Azure AD Connect asks for the new TLS/SSL certificate. Provide a password-protected PFX certificate to continue the installation.
6161

62-
![SSL certificate](./media/how-to-connect-fed-ssl-update/certificate.png)
62+
![TLS/SSL certificate](./media/how-to-connect-fed-ssl-update/certificate.png)
6363

6464
After you provide the certificate, Azure AD Connect goes through a series of prerequisites. Verify the certificate to ensure that the certificate is correct for the AD FS farm:
6565

@@ -70,7 +70,7 @@ After you provide the certificate, Azure AD Connect goes through a series of pre
7070

7171
## Step 3: Select servers for the update
7272

73-
In the next step, select the servers that need to have the SSL certificate updated. Servers that are offline can't be selected for the update.
73+
In the next step, select the servers that need to have the TLS/SSL certificate updated. Servers that are offline can't be selected for the update.
7474

7575
![Select servers to update](./media/how-to-connect-fed-ssl-update/selectservers.png)
7676

@@ -80,7 +80,7 @@ After you complete the configuration, Azure AD Connect displays the message that
8080

8181
## FAQs
8282

83-
* **What should be the subject name of the certificate for the new AD FS SSL certificate?**
83+
* **What should be the subject name of the certificate for the new AD FS TLS/SSL certificate?**
8484

8585
Azure AD Connect checks if the subject name/alternate subject name of the certificate contains the federation service name. For example, if your federation service name is fs.contoso.com, the subject name/alternate subject name must be fs.contoso.com. Wildcard certificates are also accepted.
8686

@@ -92,7 +92,7 @@ After you complete the configuration, Azure AD Connect displays the message that
9292

9393
Azure AD Connect can't perform any operation if the server is offline. If the server is part of the AD FS farm, then check the connectivity to the server. After you've resolved the issue, press the refresh icon to update the status in the wizard. If the server was part of the farm earlier but now no longer exists, click **Remove** to delete it from the list of servers that Azure AD Connect maintains. Removing the server from the list in Azure AD Connect doesn't alter the AD FS configuration itself. If you're using AD FS in Windows Server 2016 or later, the server remains in the configuration settings and will be shown again the next time the task is run.
9494

95-
* **Can I update a subset of my farm servers with the new SSL certificate?**
95+
* **Can I update a subset of my farm servers with the new TLS/SSL certificate?**
9696

9797
Yes. You can always run the task **Update SSL Certificate** again to update the remaining servers. On the **Select servers for SSL certificate update** page, you can sort the list of servers on **SSL Expiry date** to easily access the servers that aren't updated yet.
9898
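Review bot: line 97 correctly leaves the UI strings **Update SSL Certificate**, **Select servers for SSL certificate update** and **SSL Expiry date** untouched, which is the right rule for labels the reader has to locate in the wizard. The same rule should then be applied to the renamed "Update SSL" row in how-to-connect-azure-ad-trust.md and to the alt-text changes in this file and in how-to-connect-fed-management.md, so that prose says "TLS/SSL" and quoted UI labels keep whatever the product actually shows.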

articles/active-directory/hybrid/how-to-connect-fed-whatis.md

Lines changed: 1 addition & 1 deletion
@@ -37,7 +37,7 @@ This topic is the home for information on federation-related functionalities for
3737
| [Add a new AD FS server](how-to-connect-fed-management.md#addadfsserver) |Expand an AD FS farm with an additional AD FS server after initial installation. |
3838
| [Add a new AD FS WAP server](how-to-connect-fed-management.md#addwapserver) |Expand an AD FS farm with an additional Web Application Proxy (WAP) server after initial installation. |
3939
| [Add a new federated domain](how-to-connect-fed-management.md#addfeddomain) |Add another domain to be federated with Azure AD. |
40-
| [Update the SSL certificate](how-to-connect-fed-ssl-update.md)| Update the SSL certificate for an AD FS farm. |
40+
| [Update the TLS/SSL certificate](how-to-connect-fed-ssl-update.md)| Update the TLS/SSL certificate for an AD FS farm. |
4141
| [Renew federation certificates for Office 365 and Azure AD](how-to-connect-fed-o365-certs.md)|Renew your O365 certificate with Azure AD.|
4242
| **Other federation configuration** | |
4343
| [Federate multiple instances of Azure AD with single instance of AD FS](how-to-connect-fed-single-adfs-multitenant-federation.md) | Federate multiple Azure AD with single AD FS farm|

articles/active-directory/hybrid/how-to-connect-health-agent-install.md

Lines changed: 1 addition & 1 deletion
@@ -33,7 +33,7 @@ The following table is a list of requirements for using Azure AD Connect Health.
3333
| Azure AD Connect Health Agent is installed on each targeted server | Azure AD Connect Health requires the Health Agents to be installed and configured on targeted servers to receive the data and provide the Monitoring and Analytics capabilities. <br /><br />For example, to get data from your AD FS infrastructure, the agent must be installed on the AD FS and Web Application Proxy servers. Similarly, to get data on your on-premises AD DS infrastructure, the agent must be installed on the domain controllers. <br /><br /> |
3434
| Outbound connectivity to the Azure service endpoints | During installation and runtime, the agent requires connectivity to Azure AD Connect Health service endpoints. If outbound connectivity is blocked using Firewalls, ensure that the following endpoints are added to the allowed list. See [outbound connectivity endpoints](how-to-connect-health-agent-install.md#outbound-connectivity-to-the-azure-service-endpoints) |
3535
|Outbound connectivity based on IP Addresses | For IP address based filtering on firewalls, refer to the [Azure IP Ranges](https://www.microsoft.com/download/details.aspx?id=41653).|
36-
| SSL Inspection for outbound traffic is filtered or disabled | The agent registration step or data upload operations may fail if there is SSL inspection or termination for outbound traffic at the network layer. Read more about [how to setup SSL inspection](https://technet.microsoft.com/library/ee796230.aspx) |
36+
| TLS Inspection for outbound traffic is filtered or disabled | The agent registration step or data upload operations may fail if there is TLS inspection or termination for outbound traffic at the network layer. Read more about [how to setup TLS inspection](https://technet.microsoft.com/library/ee796230.aspx) |
3737
| Firewall ports on the server running the agent |The agent requires the following firewall ports to be open in order for the agent to communicate with the Azure AD Health service endpoints.<br /><br /><li>TCP port 443</li><li>TCP port 5671</li> <br />Note that port 5671 is no longer required for the latest version of agent. Upgrade to the latest version so only port 443 is required. Read more about [enable firewall ports](https://technet.microsoft.com/library/ms345310(v=sql.100).aspx) |
3838
| Allow the following websites if IE Enhanced Security is enabled |If IE Enhanced Security is enabled, then the following websites must be allowed on the server that is going to have the agent installed.<br /><br /><li>https:\//login.microsoftonline.com</li><li>https:\//secure.aadcdn.microsoftonline-p.com</li><li>https:\//login.windows.net</li><li>https:\//aadcdn.msftauth.net</li><li>The federation server for your organization trusted by Azure Active Directory. For example: https:\//sts.contoso.com</li> Read more about [how to configure IE](https://support.microsoft.com/help/815141/internet-explorer-enhanced-security-configuration-changes-the-browsing). In case you have a proxy within your network , please see note below.|
3939
| Ensure PowerShell v4.0 or newer is installed | <li>Windows Server 2008 R2 ships with PowerShell v2.0, which is insufficient for the agent. Update PowerShell as explained below under [Agent installation on Windows Server 2008 R2 Servers](#agent-installation-on-windows-server-2008-r2-servers).</li><li>Windows Server 2012 ships with PowerShell v3.0, which is insufficient for the agent. [Update](https://www.microsoft.com/download/details.aspx?id=40855) the Windows Management Framework.</li><li>Windows Server 2012 R2 and later ship with a sufficiently recent version of PowerShell.</li>|
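Review bot: since line 36 is being rewritten, "how to setup TLS inspection" should read "how to set up TLS inspection", and the first cell should use the same sentence case as the other rows ("TLS inspection" rather than "TLS Inspection"). The link target (technet.microsoft.com/library/ee796230.aspx) is unchanged, so confirm the linked article's title still matches the renamed link text.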
