Implementing additional feedback

dcpena · dcpena · commit 5290b545f903 · 2024-11-18T14:55:05.000-06:00
diff --git a/src/content/docs/learning-paths/mtls/mtls-app-security/index.mdx b/src/content/docs/learning-paths/mtls/mtls-app-security/index.mdx
@@ -15,10 +15,10 @@ By default, mTLS uses Client Certificates issued by a Cloudflare Managed CA. Clo
 
 ## 1. Enable mTLS
 
-1. Go to your Cloudflare dashboard and selecting your account.
+1. Go to your Cloudflare dashboard and select your account.
 2. Select **SSL/TLS** > **[Client Certificates](/ssl/client-certificates/)** tab and add the Hosts (hostnames) you want to [enable mTLS](/ssl/client-certificates/enable-mtls/) for. 
 
-    `Example host: [mtls-test.example.com](https://mtls-test.example.com/)`
+    Example host: `mtls-test.example.com`
 
 3. Select **Create Certificate** to generate the private key (usually referred to as Private Certificate) and Certificate Signing Request (CSR) with Cloudflare (which includes the Public Certificate), or use your own private key and CSR. Using your own allows you to also [label client certificates](/ssl/client-certificates/label-client-certificate/).
 
@@ -30,6 +30,8 @@ openssl req -new -newkey rsa:2048 -nodes -keyout client1.key -out client1.csr -s
 
 Or use a script like this one from [GitHub](https://github.com/erfianugrah/rootcatest/blob/main/fullgenerator.py).
 
+Do not forget to copy the values shown when creating the certificate as they become unavailable after creation.
+
 ## 2. Install the client certificate
 
 In order for a client to utilize the Client Certificate you created, it must be on the devices that you want to use them on. You will want to place them in the same directory as your process / script that targets your APIs / hostnames.
@@ -44,12 +46,16 @@ Another example is to generate a [PKCS12 (P12) certificate](https://en.wikipedia
 openssl pkcs12 -export -out certificate.p12 -inkey private-cert.pem -in cert.pem
 ```
 
+Use the values from the previous step.
+
 Example using cURL command:
 
 ```cURL
 curl -v --cert cert.pem --key private-cert.pem <HOSTNAME>
 ```
 
+Use the values from the previous step.
+
 ## 3. Validate the client certificate in the WAF
 
 mTLS is verified and checked in the [Cloudflare WAF phase](/waf/reference/phases/). This is done by creating WAF [Custom Rules](/waf/custom-rules/) using the dynamic fields.
diff --git a/src/content/docs/learning-paths/mtls/mtls-app-security/related-features.mdx b/src/content/docs/learning-paths/mtls/mtls-app-security/related-features.mdx
@@ -158,4 +158,4 @@ Cloudflare Workers can provide details around the Client Certificate, such as re
 
 
 :::note
-Snippets do not support any [Bindings](/workers/runtime-apis/bindings/) and does not work with mTLS.
+Snippets do not support any [Bindings](/workers/runtime-apis/bindings/) and do not work with mTLS. However, you can [validate JSON web tokens (JWT)](/rules/snippets/examples/jwt-validation/).

Original file line number	Diff line number	Diff line change
`@@ -158,4 +158,4 @@ Cloudflare Workers can provide details around the Client Certificate, such as re`
`158`	`158`
`159`	`159`
`160`	`160`	`:::note`
`161`		`-Snippets do not support any [Bindings](/workers/runtime-apis/bindings/) and does not work with mTLS.`
	`161`	`+Snippets do not support any [Bindings](/workers/runtime-apis/bindings/) and do not work with mTLS. However, you can [validate JSON web tokens (JWT)](/rules/snippets/examples/jwt-validation/).`