More vale fixes

Author: tashian

.vale/styles/Smallstep/Branding.yml

@@ -16,3 +16,8 @@ swap:
   Yubikeys: YubiKeys
   yubikeys: YubiKeys
   YUBIKEYS: YubiKeys
+  on-premise: on-premises
+  On-premise: On-premises
+  on premise: on-premises
+  On Premise: On-premises
+  wire: Wire

.vale/styles/config/vocabularies/Smallstep/accept.txt

@@ -47,6 +47,7 @@ DTLS
 DevOps
 Diffie-Hellman
 Dockerfile
+Docker Compose
 EAB
 EAP
 ECDH
@@ -60,7 +61,10 @@ Encrypt
 Enrollment
 Entra ID
 FIPS
+F5 Access
+F5 Edge
 FQDN
+FreeBSD
 GCP
 Gartner
 GitHub
@@ -92,7 +96,9 @@ JWSs
 JWT
 JWTs
 Jamf
+Jamf Pro
 JavaScript
+Juniper Mist
 Kubernetes
 LDAP
 LTV
@@ -104,12 +110,14 @@ Merkle
 MicroTik
 Micromdm
 MikroTik
+Microsoft Edge
 Modbus
 Modelling
 NDES
 NDR
 NGINX
 NIST
+NixOS
 NSS
 NTP
 NTPS
@@ -313,6 +321,7 @@ Webhook
 Webhooks
 Wi
 Winget
+Wire
 Wireguard
 WjX
 Wolfi
@@ -676,6 +685,7 @@ ie
 ACLs
 Admin
 APIs
+Aruba
 apk
 Asus
 boolean
@@ -712,6 +722,7 @@ plist
 RAs
 rollout
 Sophos
+Sophos UTM
 SSIDs
 STMicro
 tss
@@ -870,6 +881,7 @@ reasonCode
 redirect_uri
 reverse_proxy
 root_ca_key
+root_ca
 sed
 select_account
 serverAuth

certificate-manager/acme/how-to-use-acme.mdx

@@ -9,7 +9,7 @@ With Smallstep Certificate Manager
 you can deploy ACME on your internal network with ease.
 Before deploying,
 it's important to consider what deployment options works best for your organization,
-which include our hosted as well as our on-premise solutions.
+which include our hosted as well as our on-premises solutions.
 For each of those,
 it may be necessary to also deploy a Registration Authority (RA),
 which ensures ACME clients can be challenged on the internal network
@@ -31,7 +31,7 @@ With Smallstep Certificate Manager,
 you can deploy ACME on your internal network with ease.
 It is possible to use our hosted solution,
 or you can deploy the Smallstep platform to your own infrastructure
-using our on-premise solution.
+using our on-premises solution.
 These options are described below.
 
 #### Hosted
@@ -69,7 +69,7 @@ providing control over what domains are allowed to request a certificate,
 or by requiring External Account Binding (EAB) to be used,
 so that only known ACME clients can request a certificate.
 
-#### On-premise
+#### On-premises
 
 It is also possible to deploy the Smallstep platform to your own infrastructure.
 If your infrastructure

certificate-manager/acme/when-to-use-acme.mdx

@@ -34,7 +34,7 @@ The below listing is an overview of exemplary scenarios in which the ACME protoc
     The ACME protocol is primarily well-suited for use cases that are similar as to how the Web PKI is used.
     This means it can be used for issuing certificates to internal workloads, including databases, proxies and queues.
     With the Smallstep platform, certificates issued using ACME are not recorded in a Certificate Transparency log, keeping your internal infrastructure confidential.
-    It is also possible to deploy ACME with an on-premise deployment of the Smallstep platform, to be in full control over the system or to be used in airgapped networks, for example.
+    It is also possible to deploy ACME with an on-premises deployment of the Smallstep platform, to be in full control over the system or to be used in airgapped networks, for example.
 - An environment requiring certificates for Mutual TLS, such as a service mesh.
     This use case is similar as the one above, but this time also includes client side authentication using a certificate.
     Considering the clients in those environments are often primarily concerned with infrastructural concerns, they can be issued a client certificate using ACME if they can solve challenges.

certificate-manager/kubernetes-tls/kubernetes-autocert.mdx

@@ -42,7 +42,7 @@ step ca provisioner add autocert --create
 
 You’ll be asked to provide a password to encrypt the provisioner private key.
 
-## Create configmaps and a secret for Autocert
+## Create ConfigMaps and a secret for Autocert
 
 In Kubernetes, create a namespace for autocert:
 

certificate-manager/kubernetes-tls/kubernetes-install.mdx

@@ -20,7 +20,7 @@ We think issuing a one-year certificate and moving on is setting you up for pain
 In fact, we [blogged about a better way](https://smallstep.com/blog/kubernetes-the-secure-way) and created a pull request to Hightower's repo. 
 You should certainly check it out if you are building a Kubernetes cluster from scratch.
 
-### Extra credit: Ad__phrase_12__lers
+### Extra credit: Admission Controllers
 
 An *[Admission Controller](https://kubernetes.io/blog/2019/03/21/a-guide-to-kubernetes-admission-controllers/)* is a plugin that can intercept calls to the Kubernetes API server and modify the request or reject it altogether. 
 For example, the `autocert` project also uses a *mutating* Admission Controller to inject a secret into the Pod-spec during Pod creation. 

registration-authorities/acme-for-cas.mdx

@@ -140,7 +140,7 @@ gcloud privateca subordinates describe example-intermediate-ca \
       --role=roles/privateca.certificateRequester
   ```
 
-#### 7. Launch a "smallstep ACME registration authority for CAS" deployment
+#### 7. Launch a "Smallstep ACME registration authority for CAS" deployment
 
 1. Select "Smallstep ACME Registration Authority for CAS" from GCP marketplace
 and hit the `Launch` button.

ssh/how-it-works.mdx

@@ -103,7 +103,7 @@ The Smallstep SSH SaaS offering includes a hosted certificate authority and a se
 
 ### Smallstep SSH run anywhere
 
-The same offering is available in an on-premise configuration that brings the simplicity of a SaaS offering with a private deployment's control and security. Smallstep SSH Run Anywhere installs in Kubernetes and integrates with your existing HSM for storage of private keys. [Contact Us](https://smallstep.com/pricing-question) for more information.
+The same offering is available in an on-premises configuration that brings the simplicity of a SaaS offering with a private deployment's control and security. Smallstep SSH Run Anywhere installs in Kubernetes and integrates with your existing HSM for storage of private keys. [Contact Us](https://smallstep.com/pricing-question) for more information.
 
 ## Setup and configuration
 

step-ca/installation.mdx

@@ -172,7 +172,7 @@ Community-maintained packages for NixOS are available:
 - [`step-ca`](https://search.nixos.org/packages?show=step-ca&from=0&size=50&sort=relevance&query=step-ca)
 - [`step-cli`](https://search.nixos.org/packages?show=step-cli&from=0&size=50&sort=relevance&query=step-cli)
 
-#### Freebsd
+#### FreeBSD
 
 Community-maintained packages for FreeBSD are available:
 - [`step-certificates`](https://www.freshports.org/security/step-certificates/)

step-ca/provisioners.mdx

@@ -613,7 +613,7 @@ Valid from:  2019-06-20T18:21:52Z
         to:  2019-06-21T18:21:52Z`}
 </CodeBlock>
 
-#### Configuring your identity provider (idp)
+#### Configuring your identity provider (IdP)
 
 When creating an OAuth app, there isn't much to configure on the IdP.
 Most providers will ask you to specify a Redirect URI, where the ID token will be delivered at the end of the OAuth flow.
@@ -1152,7 +1152,7 @@ TPMs also have privacy constraints and a wide range of use case-specific validat
   </div>
 </Alert>
 
-#### ACME for wire messenger clients
+#### ACME for Wire messenger clients
 
 <Alert severity="warning">
   <div> 
@@ -1450,7 +1450,7 @@ but _you cannot assume that the names on the certificate are authentic_.
 
 Because of this, every host in your infrastructure must be trusted.
 
-#### Mitigating the risk of iids
+#### Mitigating the risk of IIDs
 
 Here are some things you can do to mitigate risk when using IIDs:
 - **Configure the provisioner with `instanceAge`.**