From 3b9547c2e72fa1ca4852c96df96bc704cd9a4704 Mon Sep 17 00:00:00 2001
From: Paolo Matarazzo <74918781+paolomatarazzo@users.noreply.github.com>
Date: Tue, 30 May 2023 07:41:45 -0400
Subject: [PATCH] updates
---
.openpublishing.redirection.json | 2 +-
windows/security/cloud-security/toc.yml | 2 --
.../identity-protection/enterprise-certificate-pinning.md | 4 ++--
3 files changed, 3 insertions(+), 5 deletions(-)
diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json
index fa1d9738c3..6ca4163187 100644
--- a/.openpublishing.redirection.json
+++ b/.openpublishing.redirection.json
@@ -21476,7 +21476,7 @@
"redirect_document_id": false
},
{
- "source_path": "wwindows/security/identity-protection/user-account-control/user-account-control-overview.md",
+ "source_path": "windows/security/identity-protection/user-account-control/user-account-control-overview.md",
"redirect_url": "windows/security/application-security/application-control/user-account-control",
"redirect_document_id": false
}
diff --git a/windows/security/cloud-security/toc.yml b/windows/security/cloud-security/toc.yml
index 025792a007..4350280431 100644
--- a/windows/security/cloud-security/toc.yml
+++ b/windows/security/cloud-security/toc.yml
@@ -1,6 +1,4 @@
items:
-- name: Overview
- href: ../index.md
- name: Join Active Directory and Azure AD with single sign-on (SSO) 🔗
href: /azure/active-directory/devices/concept-azure-ad-join
- name: Security baselines with Intune 🔗
diff --git a/windows/security/identity-protection/enterprise-certificate-pinning.md b/windows/security/identity-protection/enterprise-certificate-pinning.md
index c7472c807b..bd04cfb415 100644
--- a/windows/security/identity-protection/enterprise-certificate-pinning.md
+++ b/windows/security/identity-protection/enterprise-certificate-pinning.md
@@ -61,7 +61,7 @@ Each PinRule element contains a sequence of one or more Site elements and a sequ
#### PinRules element
The PinRules element can have the following attributes.
-For help with formatting Pin Rules, see [Representing a Date in XML](#representing-a-date-in-xml) or [Representing a Duration in XML](#representing-a-duration-in-xml).
+For help with formatting Pin Rules, see [Represent a date in XML](#represent-a-date-in-xml) or [Represent a duration in XML](#represent-a-duration-in-xml).
| Attribute | Description | Required |
|-----------|-------------|----------|
@@ -88,7 +88,7 @@ The **Certificate** element can have the following attributes.
| **File** | Path to a file containing one or more certificates. Where the certificate(s) can be encoded as:
- single certificate
- p7b
- sst
These files can also be Base64 formatted. All **Site** elements included in the same **PinRule** element can match any of these certificates. | Yes (File, Directory, or Base64 must be present). |
| **Directory** | Path to a directory containing one or more of the above certificate files. Skips any files not containing any certificates. | Yes (File, Directory, or Base64 must be present). |
| **Base64** | Base64 encoded certificate(s). Where the certificate(s) can be encoded as:
- single certificate
- p7b
- sst
This allows the certificates to be included in the XML file without a file directory dependency.
Note:
You can use **certutil -encode** to convert a .cer file into base64. You can then use Notepad to copy and paste the base64 encoded certificate into the pin rule. | Yes (File, Directory, or Base64 must be present). |
-| **EndDate** | Enables you to configure an expiration date for when the certificate is no longer valid in the pin rule.
If you are in the process of switching to a new root or CA, you can set the **EndDate** to allow matching of this element's certificates.
If the current time is past the **EndDate**, then, when creating the certificate trust list (CTL), the parser outputs a warning message and excludes the certificate(s) from the Pin Rule in the generated CTL.
For help with formatting Pin Rules, see [Representing a Date in XML](#representing-a-date-in-xml).| No.|
+| **EndDate** | Enables you to configure an expiration date for when the certificate is no longer valid in the pin rule.
If you are in the process of switching to a new root or CA, you can set the **EndDate** to allow matching of this element's certificates.
If the current time is past the **EndDate**, then, when creating the certificate trust list (CTL), the parser outputs a warning message and excludes the certificate(s) from the Pin Rule in the generated CTL.
For help with formatting Pin Rules, see [Represent a date in XML](#represent-a-date-in-xml).| No.|
#### Site element