fixing media a(rrgh)nchors

dragav · dragav · commit ea242b9b474a · 2020-04-24T11:37:47.000-07:00
diff --git a/articles/service-fabric/cluster-security-certificate-management.md b/articles/service-fabric/cluster-security-certificate-management.md
@@ -65,14 +65,17 @@ These steps are illustrated below; note the differences in provisioning between
 
 *Fig. 1.* Issuance and provisioning flow of certificates declared by thumbprint.
 <center>
+
 ![Provisioning certificates declared by thumbprint][Image1]
 </center>
 
 *Fig. 2.* Issuance and provisioning flow of certificates declared by subject common name.
 <center>
+
 ![Provisioning certificates declared by subject common name][Image2]
 </center>
 
+
 ### Certificate enrollment
 This topic is covered in detail in the Key Vault [documentation](../key-vault/create-certificate.md); we're including a synopsis here for continuity and easier reference. Continuing with Azure as the context, and using Azure Key Vault as the secret management service, an authorized certificate requester must have at least certificate management permissions on the vault, granted by the vault owner; the requester would then enroll into a certificate as follows:
     - creates a certificate policy in Azure Key Vault (AKV), which specifies the domain/subject of the certificate, the desired issuer, key type and length, intended key usage and more; see [Certificates in Azure Key Vault](../key-vault/certificate-scenarios.md) for details. 
