From f96151ccc96d2ea42fb9aa2a5abb4afe64f67374 Mon Sep 17 00:00:00 2001
From: Mike Jang <3287976+mjang@users.noreply.github.com>
Date: Mon, 17 Mar 2025 13:07:35 -0700
Subject: [PATCH 1/8] Fix: clarify managed v. deployed certs

---
 .../how-to/certificates/manage-certificates.md   | 16 +++++++++++-----
 1 file changed, 11 insertions(+), 5 deletions(-)

diff --git a/content/nginx-one/how-to/certificates/manage-certificates.md b/content/nginx-one/how-to/certificates/manage-certificates.md
index 07a4f56e..99e6cd85 100644
--- a/content/nginx-one/how-to/certificates/manage-certificates.md
+++ b/content/nginx-one/how-to/certificates/manage-certificates.md
@@ -131,6 +131,10 @@ You can **Add Filter** to filter certificates by:
 
 The Export option supports exports of basic certification file information to a CSV file. It does _not_ include the content of the public certificate or the private key.
 
+## Deployed certificates
+
+A deployed certificate is associated a specific Instance or Config Sync Gruop. That certificate may be Managed or Unmanaged.
+
 ## Add a new certificate or bundle
 
 To add a new certificate, select **Add Certificate**.
@@ -147,6 +151,8 @@ In each case, you can upload files directly, or enter the content of the certifi
 
 - **Certificate Details**, with the Subject Name, start and end dates.
 - **Key Details**, with the encryption key size and algorithm, such as RSA
+
+If you add a certificate with NGINX One Console, you've set it up as a managed certificate.
 <!-- end potential "include" -->
 
 ## Edit an existing certificate or bundle
@@ -155,15 +161,15 @@ You can modify existing certificates from the **Certificates** screen. Select th
 
 If that certificate is already managed as part of a Config Sync Group, the changes you make affect all instances in that group.
 
-## Remove a deployed certificate
+## Remove a managed certificate
 
-You can remove a deployed certificate from an independent instance or from a Config Sync Group. This will remove the certificate's association with the instance or group, but it does not delete the certificate files from the instance(s).
+You can remove a managed certificate from an independent instance or from a Config Sync Group. This will remove the certificate's association with the Instance or group, but it does not delete the certificate files from the Instance(s).
 
-Every instance with a deployed certificate includes paths to certificates in their configuration files. If you remove the deployed file path to one certificate, that change is limited to that one instance.
+Every Instance with a certificate includes paths to certificates in their configuration files. If you remove one certificate, that change is limited to that one Instance.
 
-Every Config Sync Group also includes paths to certificates in its configuration files. If you remove the deployed path to one certificate, that change affects all instances which belong to that Config Sync Group.
+Every Config Sync Group also includes paths to _managed_ certificates in its configuration files. If you remove a managed certificate to a Config Sync Group, that change affects all Instances which belong to that Config Sync Group. 
 
-## Delete a deployed certificate
+## Delete a managed certificate
 
 To delete a certificate, find the name in the **Certificates** screen. Find the **Actions** column associated with the certificate. Select the ellipsis (`...`) and then select **Delete**. Before deleting that certificate, you should see a warning.
 

From 107f253f76de1c743a9448656e0fe39aa8890dc1 Mon Sep 17 00:00:00 2001
From: Mike Jang <3287976+mjang@users.noreply.github.com>
Date: Mon, 17 Mar 2025 13:32:58 -0700
Subject: [PATCH 2/8] More

---
 content/nginx-one/how-to/certificates/manage-certificates.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/content/nginx-one/how-to/certificates/manage-certificates.md b/content/nginx-one/how-to/certificates/manage-certificates.md
index 99e6cd85..0b429cc2 100644
--- a/content/nginx-one/how-to/certificates/manage-certificates.md
+++ b/content/nginx-one/how-to/certificates/manage-certificates.md
@@ -177,6 +177,8 @@ If that certificate is managed and is part of a Config Sync Group, that change a
 
 {{< warning >}} Be cautious if you want to delete certificates that are being used by an instance or a Config Sync Group. Deleting such certificates leads to failure in affected NGINX deployments. {{< /warning >}}
 
+Alternatively, if you want to keep the managed certificate, you can delete its deployment from individual Instances or Config Sync Groups.
+
 ## Managed and unmanaged certificates
 
 If you register an instance to NGINX One Console, as described in [Add your NGINX instances to NGINX One]({{< ref "/nginx-one/getting-started.md#add-your-nginx-instances-to-nginx-one" >}}), and the associated SSL/TLS certificates:

From a6839b63e39f0a8b3b1efe3cdd0bdcf4504aab45 Mon Sep 17 00:00:00 2001
From: Jon Torre <78599298+JTorreG@users.noreply.github.com>
Date: Mon, 24 Mar 2025 10:52:15 +0000
Subject: [PATCH 3/8] Update
 content/nginx-one/how-to/certificates/manage-certificates.md

Co-authored-by: Sylvia Wang <139922338+sylwang@users.noreply.github.com>
---
 content/nginx-one/how-to/certificates/manage-certificates.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/nginx-one/how-to/certificates/manage-certificates.md b/content/nginx-one/how-to/certificates/manage-certificates.md
index 0b429cc2..67be7b58 100644
--- a/content/nginx-one/how-to/certificates/manage-certificates.md
+++ b/content/nginx-one/how-to/certificates/manage-certificates.md
@@ -133,7 +133,7 @@ The Export option supports exports of basic certification file information to a
 
 ## Deployed certificates
 
-A deployed certificate is associated a specific Instance or Config Sync Gruop. That certificate may be Managed or Unmanaged.
+A deployed certificate is associated with a specific Instance or Config Sync Gruop. That certificate may be Managed or Unmanaged.
 
 ## Add a new certificate or bundle
 

From 8731da4b59fde5ecd65848de0e4f2e31d340521e Mon Sep 17 00:00:00 2001
From: Mike Jang <3287976+mjang@users.noreply.github.com>
Date: Wed, 26 Mar 2025 14:26:54 -0700
Subject: [PATCH 4/8] Update
 content/nginx-one/how-to/certificates/manage-certificates.md

---
 content/nginx-one/how-to/certificates/manage-certificates.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/nginx-one/how-to/certificates/manage-certificates.md b/content/nginx-one/how-to/certificates/manage-certificates.md
index 67be7b58..f5979050 100644
--- a/content/nginx-one/how-to/certificates/manage-certificates.md
+++ b/content/nginx-one/how-to/certificates/manage-certificates.md
@@ -163,7 +163,7 @@ If that certificate is already managed as part of a Config Sync Group, the chang
 
 ## Remove a managed certificate
 
-You can remove a managed certificate from an independent instance or from a Config Sync Group. This will remove the certificate's association with the Instance or group, but it does not delete the certificate files from the Instance(s).
+You can remove a deployed certificate from an independent instance or from a Config Sync Group. This action also deletes the certificate files or certificate-key pairs from the data plane Instance(s).
 
 Every Instance with a certificate includes paths to certificates in their configuration files. If you remove one certificate, that change is limited to that one Instance.
 

From c475141aff3c9c11d904398b841edcb29eb0d959 Mon Sep 17 00:00:00 2001
From: Mike Jang <3287976+mjang@users.noreply.github.com>
Date: Wed, 26 Mar 2025 14:30:18 -0700
Subject: [PATCH 5/8] Update
 content/nginx-one/how-to/certificates/manage-certificates.md

Co-authored-by: Sylvia Wang <139922338+sylwang@users.noreply.github.com>
---
 content/nginx-one/how-to/certificates/manage-certificates.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/nginx-one/how-to/certificates/manage-certificates.md b/content/nginx-one/how-to/certificates/manage-certificates.md
index f5979050..8da6159b 100644
--- a/content/nginx-one/how-to/certificates/manage-certificates.md
+++ b/content/nginx-one/how-to/certificates/manage-certificates.md
@@ -161,7 +161,7 @@ You can modify existing certificates from the **Certificates** screen. Select th
 
 If that certificate is already managed as part of a Config Sync Group, the changes you make affect all instances in that group.
 
-## Remove a managed certificate
+## Delete a deployed certificate
 
 You can remove a deployed certificate from an independent instance or from a Config Sync Group. This action also deletes the certificate files or certificate-key pairs from the data plane Instance(s).
 

From a30abc1f1f62b3b7d0e718bb2bf6f0347b1c5a8a Mon Sep 17 00:00:00 2001
From: Mike Jang <3287976+mjang@users.noreply.github.com>
Date: Wed, 26 Mar 2025 14:30:27 -0700
Subject: [PATCH 6/8] Update
 content/nginx-one/how-to/certificates/manage-certificates.md

---
 content/nginx-one/how-to/certificates/manage-certificates.md | 1 -
 1 file changed, 1 deletion(-)

diff --git a/content/nginx-one/how-to/certificates/manage-certificates.md b/content/nginx-one/how-to/certificates/manage-certificates.md
index 8da6159b..95abdcec 100644
--- a/content/nginx-one/how-to/certificates/manage-certificates.md
+++ b/content/nginx-one/how-to/certificates/manage-certificates.md
@@ -165,7 +165,6 @@ If that certificate is already managed as part of a Config Sync Group, the chang
 
 You can remove a deployed certificate from an independent instance or from a Config Sync Group. This action also deletes the certificate files or certificate-key pairs from the data plane Instance(s).
 
-Every Instance with a certificate includes paths to certificates in their configuration files. If you remove one certificate, that change is limited to that one Instance.
 
 Every Config Sync Group also includes paths to _managed_ certificates in its configuration files. If you remove a managed certificate to a Config Sync Group, that change affects all Instances which belong to that Config Sync Group. 
 

From 6463be320d953a9fc0297785170d3aa31dbc00f5 Mon Sep 17 00:00:00 2001
From: Mike Jang <3287976+mjang@users.noreply.github.com>
Date: Wed, 26 Mar 2025 14:30:36 -0700
Subject: [PATCH 7/8] Update
 content/nginx-one/how-to/certificates/manage-certificates.md

Co-authored-by: Sylvia Wang <139922338+sylwang@users.noreply.github.com>
---
 content/nginx-one/how-to/certificates/manage-certificates.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/content/nginx-one/how-to/certificates/manage-certificates.md b/content/nginx-one/how-to/certificates/manage-certificates.md
index 95abdcec..97564a59 100644
--- a/content/nginx-one/how-to/certificates/manage-certificates.md
+++ b/content/nginx-one/how-to/certificates/manage-certificates.md
@@ -166,7 +166,7 @@ If that certificate is already managed as part of a Config Sync Group, the chang
 You can remove a deployed certificate from an independent instance or from a Config Sync Group. This action also deletes the certificate files or certificate-key pairs from the data plane Instance(s).
 
 
-Every Config Sync Group also includes paths to _managed_ certificates in its configuration files. If you remove a managed certificate to a Config Sync Group, that change affects all Instances which belong to that Config Sync Group. 
+Every Config Sync Group also includes paths to managed certificates in its configuration files. If you remove a managed certificate to a Config Sync Group, that change affects all Instances which belong to that Config Sync Group. 
 
 ## Delete a managed certificate
 

From e4a8af5d72061e1b67e97a1af9a5748b8acfc333 Mon Sep 17 00:00:00 2001
From: Mike Jang <3287976+mjang@users.noreply.github.com>
Date: Thu, 17 Apr 2025 08:39:23 -0700
Subject: [PATCH 8/8] PR comment response

---
 .../certificates/manage-certificates.md       | 21 +++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

diff --git a/content/nginx-one/how-to/certificates/manage-certificates.md b/content/nginx-one/how-to/certificates/manage-certificates.md
index 97564a59..3819db02 100644
--- a/content/nginx-one/how-to/certificates/manage-certificates.md
+++ b/content/nginx-one/how-to/certificates/manage-certificates.md
@@ -133,7 +133,7 @@ The Export option supports exports of basic certification file information to a
 
 ## Deployed certificates
 
-A deployed certificate is associated with a specific Instance or Config Sync Gruop. That certificate may be Managed or Unmanaged.
+A deployed certificate is associated with a specific Instance or Config Sync Group. That certificate may be Managed or Unmanaged.
 
 ## Add a new certificate or bundle
 
@@ -164,9 +164,22 @@ If that certificate is already managed as part of a Config Sync Group, the chang
 ## Delete a deployed certificate
 
 You can remove a deployed certificate from an independent instance or from a Config Sync Group. This action also deletes the certificate files or certificate-key pairs from the data plane Instance(s).
-
-
-Every Config Sync Group also includes paths to managed certificates in its configuration files. If you remove a managed certificate to a Config Sync Group, that change affects all Instances which belong to that Config Sync Group. 
+<!-- possible common content -->
+To do so, navigate to the **Manage** > **Instances** or **Config Sync Groups** menu. Then:
+
+- Select the instance or Config Sync Group where you want to make the change.
+- Select the **Configuration** tab.
+- Select **Edit Configuration**.
+- Find the file that you want to change.
+- Select the three-dot "ellipsis" (...), to open a menu. Your options are to
+  - **Move/Rename**
+  - **Copy**
+  - **Delete from Configuration** 
+<!-- end possible common content -->
+
+In this case, you can delete a deployed certificate from the configuration.
+
+Every Config Sync Group also includes paths to managed certificates in its configuration files. If you remove a managed certificate to a Config Sync Group, that change affects all instances which belong to that Config Sync Group. 
 
 ## Delete a managed certificate