MicrosoftDocs
diff --git a/‎azure-sql/managed-instance/subnet-service-aided-configuration-enable.md‎
Lines changed: 2 additions & 4 deletions b/‎azure-sql/managed-instance/subnet-service-aided-configuration-enable.md‎
Lines changed: 2 additions & 4 deletions
diff --git a/‎docs/database-engine/configure-windows/manage-certificates.md‎
Lines changed: 22 additions & 5 deletions b/‎docs/database-engine/configure-windows/manage-certificates.md‎
Lines changed: 22 additions & 5 deletions
diff --git a/‎docs/sql-server/end-of-support/media/sql-server-extended-security-updates/extended-security-updates-connected-servers.png‎
-20.4 KB b/‎docs/sql-server/end-of-support/media/sql-server-extended-security-updates/extended-security-updates-connected-servers.png‎
-20.4 KB
diff --git a/‎docs/sql-server/end-of-support/media/sql-server-extended-security-updates/extended-security-updates-empty-list.png‎
-100 KB b/‎docs/sql-server/end-of-support/media/sql-server-extended-security-updates/extended-security-updates-empty-list.png‎
-100 KB
diff --git a/‎docs/sql-server/end-of-support/media/sql-server-extended-security-updates/extended-security-updates-invoice-linked.png‎
-19.3 KB b/‎docs/sql-server/end-of-support/media/sql-server-extended-security-updates/extended-security-updates-invoice-linked.png‎
-19.3 KB
diff --git a/‎docs/sql-server/end-of-support/media/sql-server-extended-security-updates/extended-security-updates-invoice-save.png‎
-53.5 KB b/‎docs/sql-server/end-of-support/media/sql-server-extended-security-updates/extended-security-updates-invoice-save.png‎
-53.5 KB
diff --git a/‎docs/sql-server/end-of-support/media/sql-server-extended-security-updates/extended-security-updates-invoice-select.png‎
-18.2 KB b/‎docs/sql-server/end-of-support/media/sql-server-extended-security-updates/extended-security-updates-invoice-select.png‎
-18.2 KB
diff --git a/‎docs/sql-server/end-of-support/media/sql-server-extended-security-updates/extended-security-updates-list-of-servers.png‎
-16.4 KB b/‎docs/sql-server/end-of-support/media/sql-server-extended-security-updates/extended-security-updates-list-of-servers.png‎
-16.4 KB
diff --git a/‎docs/sql-server/end-of-support/sql-server-extended-security-updates.md‎
Lines changed: 2 additions & 6 deletions b/‎docs/sql-server/end-of-support/sql-server-extended-security-updates.md‎
Lines changed: 2 additions & 6 deletions
@@ -1,5 +1,5 @@
 ---
-title: Enable service-aided subnet configuration
+title: Service-aided subnet configuration
 description: Learn how you can enable the service-aided subnet configuration for Azure SQL Managed Instance with subnet delegation.
 author: zoran-rilak-msft
 ms.author: zoranrilak
@@ -14,9 +14,7 @@ ms.custom:
 # Enable service-aided subnet configuration for Azure SQL Managed Instance
 [!INCLUDE [appliesto-sqlmi](../includes/appliesto-sqlmi.md)]
 
-This article provides an overview of the service-aided subnet configuration and how to enable it with subnet delegation for Azure SQL Managed Instance.
-
-Service-aided subnet configuration automates network configuration management for subnets that host managed instances, leaving the user fully in control of access to the data (TDS traffic flows) while the managed instance is responsible for ensuring uninterrupted flow of management traffic.
+This article provides an overview of service-aided subnet configuration and how it interacts with the subnets delegated to Azure SQL Managed Instance. Service-aided subnet configuration automates network configuration management for subnets that host managed instances, leaving the user fully in control of access to the data (TDS traffic flows) while the managed instance is responsible for ensuring uninterrupted flow of management traffic.
 
 ## Overview
 
 
@@ -3,7 +3,7 @@ title: Certificate management (SQL Server Configuration Manager)
 description: Learn how to install certificates in various SQL Server configurations. Examples include single instances, failover clusters, and Always On availability groups.
 author: rwestMSFT
 ms.author: randolphwest
-ms.date: 06/20/2024
+ms.date: 08/09/2024
 ms.service: sql
 ms.subservice: configuration
 ms.topic: conceptual
@@ -26,13 +26,17 @@ This article describes how to deploy and manage certificates across your [!INCLU
 
 SSL/TLS certificates are widely used to secure access to [!INCLUDE [ssnoversion-md](../../includes/ssnoversion-md.md)]. With earlier versions of [!INCLUDE [ssnoversion-md](../../includes/ssnoversion-md.md)], organizations with large [!INCLUDE [ssnoversion-md](../../includes/ssnoversion-md.md)] estates had to spend considerable effort to maintain their [!INCLUDE [ssnoversion-md](../../includes/ssnoversion-md.md)] certificate infrastructure, often through developing scripts and running manual commands.
 
+::: moniker range=">=sql-server-ver15"
+
 With [!INCLUDE [sssql19-md](../../includes/sssql19-md.md)] and later versions, certificate management is integrated into the [!INCLUDE [ssnoversion-md](../../includes/ssnoversion-md.md)] Configuration Manager, which simplifies the following common tasks:
 
 - View and validate certificates installed in a [!INCLUDE [ssnoversion-md](../../includes/ssnoversion-md.md)] instance.
 - Identify which certificates might be close to expiring.
-- Deploy certificates across AG machines from the node holding the primary replica.
+- Deploy certificates across AG machines from the node hosting the primary replica.
 - Deploy certificates across FCI machines from the active node.
 
+::: moniker-end
+
 You can use certificate management in [!INCLUDE [ssnoversion-md](../../includes/ssnoversion-md.md)] Configuration Manager with earlier versions of [!INCLUDE [ssnoversion-md](../../includes/ssnoversion-md.md)], starting with [!INCLUDE [sql2008-md](../../includes/sql2008-md.md)].
 
 ::: moniker range=">=sql-server-ver15"
@@ -47,12 +51,14 @@ You can use certificate management in [!INCLUDE [ssnoversion-md](../../includes/
 > [!NOTE]  
 > These instructions apply to [!INCLUDE [ssnoversion-md](../../includes/ssnoversion-md.md)] Configuration Manager for [!INCLUDE [sssql17-md](../../includes/sssql17-md.md)] and earlier versions. For [!INCLUDE [sssql19-md](../../includes/sssql19-md.md)] and later versions, see [Certificate management (SQL Server 2019 Configuration Manager)](manage-certificates.md?view=sql-server-ver15&preserve-view=true).
 
-::: moniker-end
+## <a id="provision-single-server-cert"></a> Install a certificate
 
-## <a id="provision-single-server-cert"></a> Install a certificate for a single SQL Server instance
+::: moniker-end
 
 ::: moniker range=">=sql-server-ver15"
 
+## <a id="provision-single-server-cert"></a> Install a certificate for a single SQL Server instance
+
 1. In [!INCLUDE [ssnoversion-md](../../includes/ssnoversion-md.md)] Configuration Manager, in the console pane, expand **SQL Server Network Configuration**.
 
 1. Right-click **Protocols for** *&lt;instance Name&gt;*, and then select **Properties**.
@@ -73,8 +79,17 @@ You can use certificate management in [!INCLUDE [ssnoversion-md](../../includes/
 1. Select a certificate from the **Certificate** dropdown list, and then select **Apply**.
 
 1. Select **OK**.
+
+### Install on failover cluster instance and availability group
+
+For a failover cluster instance (FCI) configuration, complete these steps in the active node of the FCI. You must have administrator permissions on all the cluster nodes.
+
+For an availability group (AG) configuration, complete these steps from the node hosting the AG primary replica. You must have administrator permissions on all the cluster nodes.
+
 ::: moniker-end
 
+::: moniker range=">=sql-server-ver15"
+
 ## <a id="provision-failover-cluster-cert"></a> Install a certificate in a failover cluster instance configuration
 
 1. In [!INCLUDE [ssnoversion-md](../../includes/ssnoversion-md.md)] Configuration Manager, in the console pane, expand **SQL Server Network Configuration**.
@@ -113,7 +128,9 @@ You can use certificate management in [!INCLUDE [ssnoversion-md](../../includes/
 1. Select **Next** to import the certificate on each node.
 
 > [!NOTE]  
-> Complete these steps from the node holding the AG primary replica. User must have administrator permissions on all the cluster nodes.
+> Complete these steps from the node hosting the AG primary replica. User must have administrator permissions on all the cluster nodes.
+
+::: moniker-end
 
 ## Related content
 
 
@@ -134,12 +134,10 @@ You can either register a [single SQL Server instance](#single-sql-server-instan
 
 1. Sign into the [Azure portal](https://portal.azure.com).
 
-1. Navigate to **Azure Arc** and select **Infrastructure** > **SQL Servers**.
+1. Navigate to **Azure Arc** and select **Data services** > **SQL Server instances**.
 
 1. To register a disconnected machine, select **Add** from the menu at the top of the screen.
 
-   :::image type="content" source="media/sql-server-extended-security-updates/extended-security-updates-empty-list.png" alt-text="Screenshot of an empty list of SQL Servers on the Azure Arc portal." lightbox="media/sql-server-extended-security-updates/extended-security-updates-empty-list.png":::
-
 1. Select **Register Servers** to add a disconnected [!INCLUDE [ssnoversion-md](../../includes/ssnoversion-md.md)] instance.
 
    :::image type="content" source="media/sql-server-extended-security-updates/extended-security-updates-add-connected-or-registered.png" alt-text="Screenshot of the two options for adding connected or registered servers." lightbox="media/sql-server-extended-security-updates/extended-security-updates-add-connected-or-registered.png":::
@@ -168,12 +166,10 @@ Multiple [!INCLUDE [ssNoVersion](../../includes/ssnoversion-md.md)] instances ca
 
 1. Sign into the [Azure portal](https://portal.azure.com).
 
-1. Navigate to **Azure Arc** and select **Infrastructure** > **SQL Servers**.
+1. Navigate to **Azure Arc** and select **Data services** > **SQL Server instances**.
 
 1. To register a disconnected machine, select **Add** from the menu at the top of the screen.
 
-   :::image type="content" source="media/sql-server-extended-security-updates/extended-security-updates-empty-list.png" alt-text="Screenshot of an empty list of SQL Servers on the Azure Arc portal." lightbox="media/sql-server-extended-security-updates/extended-security-updates-empty-list.png":::
-
 1. Select **Register Servers** to add a disconnected [!INCLUDE [ssnoversion-md](../../includes/ssnoversion-md.md)] instance.
 
    :::image type="content" source="media/sql-server-extended-security-updates/extended-security-updates-add-connected-or-registered.png" alt-text="Screenshot of the two options for adding connected or registered servers." lightbox="media/sql-server-extended-security-updates/extended-security-updates-add-connected-or-registered.png":::