From 8c1d6786ce11c03f65d8f6d4852a62f0f36fa4ac Mon Sep 17 00:00:00 2001 From: Edgar Parra <127970167+EdgarPMIA@users.noreply.github.com> Date: Tue, 10 Sep 2024 12:48:55 -0400 Subject: [PATCH 1/4] Update comprehensive-guidance-on-linux-deployment.md Added a link that explains in great detail what the enterprise certificate pinning process Defender for Endpoint uses to keep the traffic between Endpoints and the backend cloud service secure. This is part of the important note that mentions this traffic should not be SSL inspected because it will break the certificate pinning chain. --- .../comprehensive-guidance-on-linux-deployment.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/defender-endpoint/comprehensive-guidance-on-linux-deployment.md b/defender-endpoint/comprehensive-guidance-on-linux-deployment.md index 582cbe9b7c..00eb17bffc 100644 --- a/defender-endpoint/comprehensive-guidance-on-linux-deployment.md +++ b/defender-endpoint/comprehensive-guidance-on-linux-deployment.md @@ -130,7 +130,8 @@ The following table lists the supported proxy settings: #### Step 3: Verify SSL inspection isn't being performed on the network traffic -To prevent man-in-the-middle attacks, all Microsoft Azure hosted traffic uses certificate pinning. As a result, SSL inspections by major firewall systems aren't allowed. You have to bypass SSL inspection for Microsoft Defender for Endpoint URLs. +To prevent man-in-the-middle attacks, all Microsoft Azure hosted traffic uses certificate pinning. As a result, SSL inspections by major firewall systems aren't allowed. You have to bypass SSL inspection for Microsoft Defender for Endpoint URLs. For additional information about the certificate pinning process, please visit the following link: +https://learn.microsoft.com/en-us/windows/security/identity-protection/enterprise-certificate-pinning ##### Troubleshoot cloud connectivity issues From dec4eebdb6905143f9827612c6f32da9c0902bd9 Mon Sep 17 00:00:00 2001 
From: Edgar Parra <127970167+EdgarPMIA@users.noreply.github.com> Date: Tue, 10 Sep 2024 13:02:02 -0400 Subject: [PATCH 2/4] Update comprehensive-guidance-on-linux-deployment.md updated the link to be a relative link, rather than using a EN-US locale --- defender-endpoint/comprehensive-guidance-on-linux-deployment.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/defender-endpoint/comprehensive-guidance-on-linux-deployment.md b/defender-endpoint/comprehensive-guidance-on-linux-deployment.md index 00eb17bffc..9c1e6e6764 100644 --- a/defender-endpoint/comprehensive-guidance-on-linux-deployment.md +++ b/defender-endpoint/comprehensive-guidance-on-linux-deployment.md @@ -131,7 +131,7 @@ The following table lists the supported proxy settings: #### Step 3: Verify SSL inspection isn't being performed on the network traffic To prevent man-in-the-middle attacks, all Microsoft Azure hosted traffic uses certificate pinning. As a result, SSL inspections by major firewall systems aren't allowed. You have to bypass SSL inspection for Microsoft Defender for Endpoint URLs. For additional information about the certificate pinning process, please visit the following link: -https://learn.microsoft.com/en-us/windows/security/identity-protection/enterprise-certificate-pinning +https://learn.microsoft.com/windows/security/identity-protection/enterprise-certificate-pinning ##### Troubleshoot cloud connectivity issues From 5afbfbf5dc69179336ffe655163d9bfddc3330ff Mon Sep 17 00:00:00 2001 From: Edgar Parra <127970167+EdgarPMIA@users.noreply.github.com> Date: Tue, 10 Sep 2024 13:29:49 -0400 Subject: [PATCH 3/4] Update comprehensive-guidance-on-linux-deployment.md updated the URL to use a relative link URL. Hopefully that works better, first time doing that in an article --- defender-endpoint/comprehensive-guidance-on-linux-deployment.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/defender-endpoint/comprehensive-guidance-on-linux-deployment.md b/defender-endpoint/comprehensive-guidance-on-linux-deployment.md index 9c1e6e6764..10cb82fb7f 100644 --- a/defender-endpoint/comprehensive-guidance-on-linux-deployment.md +++ b/defender-endpoint/comprehensive-guidance-on-linux-deployment.md @@ -131,7 +131,7 @@ The following table lists the supported proxy settings: #### Step 3: Verify SSL inspection isn't being performed on the network traffic To prevent man-in-the-middle attacks, all Microsoft Azure hosted traffic uses certificate pinning. As a result, SSL inspections by major firewall systems aren't allowed. You have to bypass SSL inspection for Microsoft Defender for Endpoint URLs. For additional information about the certificate pinning process, please visit the following link: -https://learn.microsoft.com/windows/security/identity-protection/enterprise-certificate-pinning +[enterprise-certificate-pinning] (/windows/security/identity-protection/enterprise-certificate-pinning). ##### Troubleshoot cloud connectivity issues From 503ef8af11baff21bb9313e0c17a00dd5890c3d4 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Tue, 10 Sep 2024 13:05:01 -0700 Subject: [PATCH 4/4] Update comprehensive-guidance-on-linux-deployment.md --- .../comprehensive-guidance-on-linux-deployment.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/defender-endpoint/comprehensive-guidance-on-linux-deployment.md b/defender-endpoint/comprehensive-guidance-on-linux-deployment.md index 10cb82fb7f..4766c177d3 100644 --- a/defender-endpoint/comprehensive-guidance-on-linux-deployment.md +++ b/defender-endpoint/comprehensive-guidance-on-linux-deployment.md @@ -14,7 +14,7 @@ ms.collection: ms.topic: conceptual ms.subservice: linux search.appverid: met150 -ms.date: 05/08/2024 +ms.date: 09/10/2024 --- # Advanced deployment guidance for Microsoft Defender for Endpoint on Linux 
@@ -130,8 +130,7 @@ The following table lists the supported proxy settings: #### Step 3: Verify SSL inspection isn't being performed on the network traffic -To prevent man-in-the-middle attacks, all Microsoft Azure hosted traffic uses certificate pinning. As a result, SSL inspections by major firewall systems aren't allowed. You have to bypass SSL inspection for Microsoft Defender for Endpoint URLs. For additional information about the certificate pinning process, please visit the following link: -[enterprise-certificate-pinning] (/windows/security/identity-protection/enterprise-certificate-pinning). +To prevent man-in-the-middle attacks, all Microsoft Azure hosted traffic uses certificate pinning. As a result, SSL inspections by major firewall systems aren't allowed. You must bypass SSL inspection for Microsoft Defender for Endpoint URLs. For additional information about the certificate pinning process, see [enterprise-certificate-pinning] (/windows/security/identity-protection/enterprise-certificate-pinning). ##### Troubleshoot cloud connectivity issues
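Review bot: In PATCH 1/4, the added URL `https://learn.microsoft.com/en-us/windows/security/identity-protection/enterprise-certificate-pinning` hard-codes the `en-us` locale and sits as a bare URL on its own line after "please visit the following link:". Suggest an inline Markdown link with descriptive text and a path without the locale segment, so the reference is not tied to one locale and the sentence stays in the same paragraph as the SSL inspection guidance it supports.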
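Review bot: In PATCH 2/4, the commit message says the link was changed to a relative link, but the added line is still the absolute URL `https://learn.microsoft.com/windows/security/identity-protection/enterprise-certificate-pinning`; only the `en-us` segment was dropped. Either switch to the site-relative path beginning with `/windows/security/...` in this commit or reword the message so the history matches the change.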
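Review bot: In PATCH 3/4, the added line `[enterprise-certificate-pinning] (/windows/security/identity-protection/enterprise-certificate-pinning).` has a space between `]` and `(`, and standard Markdown inline links do not allow whitespace there, so this is likely to render as literal bracketed text followed by a path instead of a link. Remove the space, and replace the slug used as link text with descriptive text such as the target article's title.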
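Review bot: In the second hunk of PATCH 4/4, the rewritten sentence still carries `[enterprise-certificate-pinning] (/windows/...)` with the space between `]` and `(`, so the link problem from PATCH 3/4 survives into the final text. Separately, the target sits under `/windows/security/identity-protection/` while this page is the Linux deployment guide; please confirm that the target article describes the pinning that Defender for Endpoint cloud traffic relies on, since readers will use this reference to justify an SSL inspection bypass for the Defender for Endpoint URLs.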