X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=certificate-management.adoc;h=4fd2a8ac985175e2b08fd0725fa969ddeb9b5de4;hb=00271f41dbff6bfcce1389bd904337c823dc2d64;hp=a130550731ff801a2a0febd25994a58db81e3df5;hpb=65c80483849e0150fe9fba2cfd5ba7475719e0a2;p=pve-docs.git diff --git a/certificate-management.adoc b/certificate-management.adoc index a130550..4fd2a8a 100644 --- a/certificate-management.adoc +++ b/certificate-management.adoc @@ -67,13 +67,14 @@ Trusted certificates via Let's Encrypt (ACME) {PVE} includes an implementation of the **A**utomatic **C**ertificate **M**anagement **E**nvironment **ACME** protocol, allowing {pve} admins to -interface with Let's Encrypt for easy setup of trusted TLS certificates which -are accepted out of the box on most modern operating systems and browsers. +use an ACME provider like Let's Encrypt for easy setup of TLS certificates +which are accepted and trusted on modern operating systems and web browsers +out of the box. -Currently the two ACME endpoints implemented are the +Currently, the two ACME endpoints implemented are the https://letsencrypt.org[Let's Encrypt (LE)] production and its staging environment. Our ACME client supports validation of `http-01` challenges using -a built-in webserver and validation of `dns-01` challenges using a DNS plugin +a built-in web server and validation of `dns-01` challenges using a DNS plugin supporting all the DNS API endpoints https://acme.sh[acme.sh] does. [[sysadmin_certs_acme_account]] @@ -83,7 +84,7 @@ ACME Account [thumbnail="screenshot/gui-datacenter-acme-register-account.png"] You need to register an ACME account per cluster with the endpoint you want to -use. The email address used for that account will server as contact point for +use. The email address used for that account will serve as contact point for renewal-due or similar notifications from the ACME endpoint. You can register and deactivate ACME accounts over the web interface 
@@ -104,12 +105,11 @@ the {pve} cluster under your operation, are the real owner of a domain. This is the basis building block for automatic certificate management. The ACME protocol specifies different types of challenges, for example the -`http-01` where a webserver provides a file with a certain value to proof that -it controls a domain. Sometimes this isn't possible, either because of -technical limitations or if the address a domain points to is not reachable -from the public internet. For such cases one could use the `dns-01` challenge. -That challenge provides also a certain value, but not over a text file, but -through a DNS record on the authority name server of the domain. +`http-01` where a web server provides a file with a certain content to prove +that it controls a domain. Sometimes this isn't possible, either because of +technical limitations or if the address of a record to is not reachable from +the public internet. The `dns-01` challenge can be used in these cases. This +challenge is fulfilled by creating a certain DNS record in the domain's zone. [thumbnail="screenshot/gui-datacenter-acme-overview.png"] @@ -168,9 +168,8 @@ Configuring ACME DNS APIs for validation ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ {PVE} re-uses the DNS plugins developed for the `acme.sh` -footnote:[acme.sh https://github.com/acmesh-official/acme.sh] -project, please refer to its documentation for details on configuration of -specific APIs. +footnote:[acme.sh https://github.com/acmesh-official/acme.sh] project, please +refer to its documentation for details on configuration of specific APIs. The easiest way to configure a new plugin with the DNS API is using the web interface (`Datacenter -> ACME`). 
@@ -185,8 +184,8 @@ https://github.com/acmesh-official/acme.sh/wiki/dnsapi#how-to-use-dns-api[How to wiki for more detailed information about getting API credentials for your provider. -As there are so many API endpoints {pve} autogenerates the formular for the -credentials, but not all providers are annotated yet. For those you will see a +As there are many DNS providers and API endpoints {pve} automatically generates +the form for the credentials for some providers. For the others you will see a bigger text area, simply copy all the credentials `KEY`=`VALUE` pairs in there. DNS Validation through CNAME Alias @@ -314,7 +313,7 @@ root@proxmox:~# pvenode acme plugin config example_plugin └────────┴──────────────────────────────────────────┘ ---- -At last you can configure the domain you want to get certitficates for and +At last you can configure the domain you want to get certificates for and place the certificate order for it: ----
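Review bot: in the first hunk (`@@ -67,13 +67,14 @@`), the rewritten opening sentence now says admins can "use an ACME provider like Let's Encrypt", but the very next paragraph in the same hunk still states that "the two ACME endpoints implemented are the Let's Encrypt (LE) production and its staging environment". The two statements should be reconciled: either keep the first sentence scoped to Let's Encrypt, or say here how another ACME directory would be selected if that is supported. Minor, while touching this paragraph: the unchanged context line spells out **A**utomatic **C**ertificate **M**anagement **E**nvironment and then repeats **ACME** without parentheses; "(**ACME**)" reads better.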
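Review bot: the `@@ -104,12 +105,11 @@` hunk introduces a new typo on the third added line: "if the address of a record to is not reachable from the public internet" has a stray "to"; it should read "if the address a record points to is not reachable from the public internet". The last added line, "This challenge is fulfilled by creating a certain DNS record in the domain's zone", is vaguer than it needs to be; the `dns-01` challenge is satisfied by a TXT record at `_acme-challenge.<domain>` carrying the value the ACME server expects, and naming that helps the reader who has to open the zone file or the DNS provider's API. The unchanged context line "This is the basis building block" should also be "This is the basic building block" while the paragraph is being rewritten.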
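Review bot: in the `@@ -185,8 +184,8 @@` hunk the new wording breaks the causal link the old text had: "As there are many DNS providers and API endpoints {pve} automatically generates the form for the credentials for some providers" reads as though the large number of providers is the reason only some get a form, whereas the removed line explained that "not all providers are annotated yet". Suggest restoring that explanation and adding the missing comma after "endpoints", e.g. "As there are many DNS providers and API endpoints, {pve} automatically generates the credentials form for those providers that are already annotated." The following sentence is a comma splice ("a bigger text area, simply copy ..."); split it: "For the others you will see a bigger text area. Copy all the credentials as `KEY=VALUE` pairs into it."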