[SSL] Remove word Step from headings and adjust anchors

src/content/docs/ssl/client-certificates/configure-your-mobile-app-or-iot-device.mdx

@@ -98,7 +98,7 @@ addEventListener("fetch", (event) => {
 
 ---
 
-## Step 1 — Validate API
+## 1. Validate API
 
 ### POST sample data to API
 
@@ -141,7 +141,7 @@ $ curl --silent https://shield.upinatoms.com/temps | jq .
 
 ---
 
-## Step 2 — Create Cloudflare-issued certificates
+## 2. Create Cloudflare-issued certificates
 
 Before you can use API Shield to protect your API or web application, create Cloudflare-issued client certificates.
 
@@ -262,7 +262,7 @@ $ curl https://api.cloudflare.com/client/v4/zones/{zone_id}/client_certificates
 
 ---
 
-## Step 3 — Embed the client certificate in your mobile app
+## 3. Embed the client certificate in your mobile app
 
 To configure the mobile app to securely request temperature data submitted by the IoT device, embed the client certificate in the mobile app.
 
@@ -274,7 +274,7 @@ Enter Export Password:
 Verifying - Enter Export Password:
 ```
 
-In a real-world deployment, a bootstrap certificate should only be used in conjunction with users’ credentials to authenticate with an API endpoint that can return a unique user certificate. Corporate users will want to use mobile device management (MDM) to distribute certificates.
+In a real-world deployment, a bootstrap certificate should only be used in conjunction with users' credentials to authenticate with an API endpoint that can return a unique user certificate. Corporate users will want to use mobile device management (MDM) to distribute certificates.
 
 ### Embed the client certificate in an Android app
 
@@ -351,7 +351,7 @@ The above function returns an `OkHttpClient` embedded with the client certificat
 
 ---
 
-## Step 4 — Embed the client certificate on your IoT device
+## 4. Embed the client certificate on your IoT device
 
 To prepare the IoT device for secure communication with the API endpoint, embed the certificate on the device and configure the device to use the certificate when making POST requests.
 
@@ -411,12 +411,12 @@ Response status code: 201
 
 ---
 
-## Step 5 — Enable mTLS
+## 5. Enable mTLS
 
 After creating Cloudflare-issued certificates, the next step is to [enable mTLS](/ssl/client-certificates/enable-mtls/) for the hosts you want to protect with API Shield.
 
 ---
 
-## Step 6 — Configure API Shield to require client certificates
+## 6. Configure API Shield to require client certificates
 
 To configure API Shield to require client certificates, [create a mTLS rule](/api-shield/security/mtls/configure/#create-an-mtls-rule/).

src/content/docs/ssl/edge-certificates/encrypt-visitor-traffic.mdx

@@ -16,21 +16,21 @@ Before trying to enforce HTTPS connections, make sure that your application has
 
 Also, make sure that your [SSL encryption mode](/ssl/origin-configuration/ssl-modes/) is not set to **Off**. Otherwise, Cloudflare will redirect all visitor connections automatically to HTTP.
 
-## Step 1 — Evaluate existing redirects
+## 1. Evaluate existing redirects
 
 To make sure that your visitors do not get stuck in a [redirect loop](/ssl/troubleshooting/too-many-redirects/), evaluate existing redirects at your origin server and within the Cloudflare dashboard.
 
 You should generally avoid redirects at your origin server. Not only are you likely to forget about them, but they also reduce application performance. It is much faster for Cloudflare to redirect requests before they ever reach your origin.
 
 Make sure that your redirects within Cloudflare are not forwarding traffic to URLs starting with `http`.
 
-## Step 2 — Rewrite HTTP URLs
+## 2. Rewrite HTTP URLs
 
 If your application contains links or references to HTTP URLs, your visitors might see [mixed content errors](/ssl/troubleshooting/mixed-content-errors/) when accessing an HTTPS page.
 
 To avoid these issues, enable [Automatic HTTPS Rewrites](/ssl/edge-certificates/additional-options/automatic-https-rewrites/) and pay attention to which HTTP requests are still reaching your origin server.
 
-## Step 3 — Redirect traffic to HTTPS
+## 3. Redirect traffic to HTTPS
 
 If your entire application can support HTTPS traffic, enable [Always Use HTTPS](/ssl/edge-certificates/additional-options/always-use-https/#encrypt-all-visitor-traffic).
 

src/content/docs/ssl/edge-certificates/staging-environment.mdx

@@ -22,7 +22,7 @@ Use your certificate staging environment to test new custom (modern) certificate
 
 ## Use your staging environment
 
-### Step 1 — Upload certificate
+### 1. Upload certificate
 
 To upload custom (modern) certificates to your staging environment:
 
@@ -31,7 +31,7 @@ To upload custom (modern) certificates to your staging environment:
 3. Upload your custom (modern) certificate ([detailed instructions](/ssl/edge-certificates/custom-certificates/uploading/)).
 4. Your certificate will appear in the dashboard with a status of **Staging Deployment**. If you refresh the page, its status should go to **Staging Active**.
 
-### Step 2 — Test certificate
+### 2. Test certificate
 
 Test your custom (modern) certificate by sending `curl` requests to the IP addresses listed in the dashboard card at **SSL/TLS** > **Staging Certificates**:
 
@@ -45,7 +45,7 @@ You should confirm whether:
 * The right certificate is being served at the edge.
 * Any clients are pinning the old certificate.
 
-### Step 3 — Push certificate to production
+### 3. Push certificate to production
 
 Assuming there are no issues, push your custom (modern) certificate to your production environment:
 
@@ -55,7 +55,7 @@ Assuming there are no issues, push your custom (modern) certificate to your prod
 
 If there were issues with your certificate, you can keep it in your staging environment or select **Deactivate** on the certificate itself.
 
-### Step 4 (optional) — Push certificate back to staging
+### 4. (Optional) Push certificate back to staging
 
 If you roll out a custom (modern) certificate to production and encounter issues, you can deactivate that certificate to delete the certificate from the edge and then push the certificate back to your staging environment for additional testing:
 

src/content/docs/ssl/keyless-ssl/configuration/cloudflare-tunnel.mdx

@@ -19,13 +19,13 @@ Through an integration with [Cloudflare Tunnel](/cloudflare-one/connections/conn
 
 ***
 
-## Step 1 - Install `cloudflared` on key server
+## 1. Install `cloudflared` on key server
 
 First, install `cloudflared` on your key server.
 
 <Render file="keyless-tunnel-setup" /> <br/>
 
-## Step 2 - Create a Tunnel
+## 2. Create a Tunnel
 
 Then, create a Cloudflare Tunnel.
 
@@ -38,7 +38,7 @@ After you create the Tunnel, use the Cloudflare API to [List tunnel routes](/api
 * `"virtual_network_id"`
 * `"network"`
 
-## Step 3 - Upload Keyless SSL Certificates
+## 3. Upload Keyless SSL Certificates
 
 <Render file="keyless-upload-preamble" />
 
@@ -59,6 +59,6 @@ When you receive the `network` value from the Tunnel route API, it will include
 
 :::
 
-## Step 4 - Set up and activate key server
+## 4. Set up and activate key server
 
 <Render file="keyless-key-server-setup" params={{ one: "keyserver.keyless.example.com" }} />

src/content/docs/ssl/keyless-ssl/configuration/public-dns.mdx

@@ -20,7 +20,7 @@ This setup option is not ideal as the DNS record cannot be [proxied](/dns/manage
 
 ---
 
-## Step 1 - Create public DNS record
+## 1. Create public DNS record
 
 1. Open a Terminal and run `openssl rand -hex 24` to generate a long, random hostname such as `11aa40b4a5db06d4889e48e2f738950ddfa50b7349d09b5f.example.com`.
 2. Add this record via your DNS provider’s interface as an **A** or **AAAA** record pointing to the IP address of your Keyless SSL server.
@@ -34,7 +34,7 @@ As a security measure, you should hide the hostname of your key server.
 
 ---
 
-## Step 2 — Upload Keyless SSL Certificates
+## 2. Upload Keyless SSL Certificates
 
 <Render file="keyless-upload-preamble" />
 
@@ -63,7 +63,7 @@ To create a Keyless certificate with the API, send a [`POST`](/api/operations/ke
 
 ---
 
-## Step 3 — Set up and activate key server
+## 3. Set up and activate key server
 
 <Render
 	file="keyless-key-server-setup"

src/content/docs/ssl/keyless-ssl/hardware-security-modules/azure-dedicated-hsm.mdx

@@ -126,7 +126,7 @@ Using "CKM_SHA256_RSA_PKCS" Mechanism
 
 ## 3. Obtain and upload a signed certificate from your Certificate Authority (CA)
 
-Provide the CSR created in the previous step to your organization’s preferred CA, demonstrate control of your domain as requested, and then download the signed SSL certificates. Follow the instructions provided in [Uploading “Keyless” SSL Certificates](/ssl/keyless-ssl/configuration/cloudflare-tunnel/#step-3---upload-keyless-ssl-certificates).
+Provide the CSR created in the previous step to your organization's preferred CA, demonstrate control of your domain as requested, and then download the signed SSL certificates. Follow the instructions provided in [Uploading “Keyless” SSL Certificates](/ssl/keyless-ssl/configuration/cloudflare-tunnel/#3-upload-keyless-ssl-certificates).
 
 ---
 

src/content/docs/ssl/keyless-ssl/hardware-security-modules/azure-managed-hsm.mdx

@@ -26,7 +26,7 @@ Create a VM where you will deploy the keyless daemon.
 
 ## 2. Deploy the keyless server
 
-Follow [these instructions](/ssl/keyless-ssl/configuration/cloudflare-tunnel/#step-4---set-up-and-activate-key-server) to deploy your keyless server.
+Follow [these instructions](/ssl/keyless-ssl/configuration/cloudflare-tunnel/#4-set-up-and-activate-key-server) to deploy your keyless server.
 
 ---
 

src/content/docs/ssl/keyless-ssl/hardware-security-modules/ibm-cloud-hsm.mdx

@@ -123,7 +123,7 @@ Using "CKM_ECDSA_SHA256" Mechanism
 
 ## 3. Obtain and upload signed certificates from your Certificate Authority (CA)
 
-Provide the CSRs created in the previous step to your organization’s preferred CA, demonstrate control of your domain as requested, and then download the signed SSL certificates. Follow the instructions provided in [Uploading “Keyless” SSL Certificates](/ssl/keyless-ssl/configuration/cloudflare-tunnel/#step-3---upload-keyless-ssl-certificates).
+Provide the CSRs created in the previous step to your organization’s preferred CA, demonstrate control of your domain as requested, and then download the signed SSL certificates. Follow the instructions provided in [Uploading “Keyless” SSL Certificates](/ssl/keyless-ssl/configuration/cloudflare-tunnel/#3-upload-keyless-ssl-certificates).
 
 ---