diff --git a/docs/en/Deployment/Configuring-OpenIddict.md b/docs/en/Deployment/Configuring-OpenIddict.md index 6a03b8357e..bf7bc9c619 100644 --- a/docs/en/Deployment/Configuring-OpenIddict.md +++ b/docs/en/Deployment/Configuring-OpenIddict.md @@ -45,18 +45,18 @@ private X509Certificate2 GetSigningCertificate(IWebHostEnvironment hostingEnv) ## Development Environment -We enabled `AddDevelopmentEncryptionAndSigningCertificate` by default on development environment, It will registers (and generates if necessary) a user-specific development encryption/development signing certificate. This is a certificate used for signing and encrypting the tokens and for **development environment only**. +We've enabled `AddDevelopmentEncryptionAndSigningCertificate` by default on development environment, It registers (and generates if necessary) a user-specific development encryption/development signing certificate. This is a certificate used for signing and encrypting the tokens and for **development environment only**. `AddDevelopmentEncryptionAndSigningCertificate` cannot be used in applications deployed on IIS or Azure App Service: trying to use them on IIS or Azure App Service will result in an exception being thrown at runtime (unless the application pool is configured to [load a user profile](https://learn.microsoft.com/en-us/iis/manage/configuring-security/application-pool-identities#user-profile)). -To avoid that, consider creating self-signed certificates and storing them in the X.509 certificates store of the host machine(s). This is the way we use in production environment. +To avoid that, consider creating self-signed certificates and storing them in the X.509 certificates storage of the host machine(s). This is the way we do it in production environment. ## Production Environment -We disabled `AddDevelopmentEncryptionAndSigningCertificate` in production environment and tried to setup signing and encrypting certificates using `authserver.pfx`. +We've disabled `AddDevelopmentEncryptionAndSigningCertificate` in production environment and tried to setup signing and encrypting certificates using `authserver.pfx`. -You can use `dotnet dev-certs https -v -ep authserver.pfx -p 00000000-0000-0000-0000-000000000000` command to generate the `authserver.pfx` certificate. +You can use the `dotnet dev-certs https -v -ep authserver.pfx -p 00000000-0000-0000-0000-000000000000` command to generate the `authserver.pfx` certificate. > `00000000-0000-0000-0000-000000000000` is the password of the certificate, you can change it to any password you want. -> Please also remember to copy `authserver.pfx` to the [Content Root Folder](https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.hosting.ihostingenvironment.contentrootpath?view=aspnetcore-7.0) of the `AuthServer` website. +> Also, please remember to copy `authserver.pfx` to the [Content Root Folder](https://learn.microsoft.com/en-us/dotnet/api/microsoft.aspnetcore.hosting.ihostingenvironment.contentrootpath?view=aspnetcore-7.0) of the `AuthServer` website.