Update Download Root CA screens/guide language (#466)

* Update Download Root CA screens/guide language

* One more language change

* self-signed > Root CA-signed language

* One mo' language change

site/source/guides/device-guides/dg-android/lan-android.rst

@@ -3,7 +3,7 @@
 =============================
 Trust Your Root CA on Android
 =============================
-Complete this guide to download your Start9 server's Root Certificate Authority (CA), and trust it on your client device (Android).  This allows you to use encrypted ``https`` connections to your ``.local`` (LAN) and ``.onion`` (tor) server addresses, access services on LAN, and enhances performance on tor.  The self-signed certificate was created by your server when you perfomed the initial setup, and applies to your server's main UI connection, as well as all service connections.
+Complete this guide to download your Start9 server's Root Certificate Authority (CA), and trust it on your client device (Android).  This allows you to use encrypted ``https`` connections to your ``.local`` (LAN) and ``.onion`` (tor) server addresses, access services on LAN, and enhances performance on tor.  The Root CA was created by your server when you perfomed the initial setup, and signs the certificate of your server's main UI, as well as that of all services.
 
 .. note:: This guide applies to most Android phones running Android v13+, as well as phones running CalyxOS, GrapheneOS, or LineageOS (v19+).
 
@@ -11,11 +11,11 @@ Download Root CA
 ----------------
 First, download your Start9 server's Root CA, if you have not already.
 
-    - Navigate to *System > LAN*, then click "Download Certificate".
+    - Navigate to **System** -> **Root CA**, then click "Download Root CA".
 
       .. figure:: /_static/images/ssl/lan_setup.png
         :width: 40%
-        :alt: LAN setup menu item
+        :alt: Navigate to System > Root CA
 
 Alternatively, you can download to another machine, then transfer the file to your device.
 

site/source/guides/device-guides/dg-ios/lan-ios.rst

@@ -3,7 +3,7 @@
 =========================
 Trust Your Root CA on iOS
 =========================
-Complete this guide to download your Start9 server's Root Certificate Authority (CA), and trust it on your client device (iOS).  This allows you to use encrypted ``https`` connections to your ``.local`` (LAN) and ``.onion`` (tor) server addresses, access services on LAN, and enhances performance on tor.  The self-signed certificate was created by your server when you perfomed the initial setup, and applies to your server's main UI connection, as well as all service connections.
+Complete this guide to download your Start9 server's Root Certificate Authority (CA), and trust it on your client device (iOS).  This allows you to use encrypted ``https`` connections to your ``.local`` (LAN) and ``.onion`` (tor) server addresses, access services on LAN, and enhances performance on tor.  The Root CA was created by your server when you perfomed the initial setup, and signs the certificate of your server's main UI, as well as that of all services.
 
 This applies to iOS v15 and v16.  For older versions, see the `v14 guide </0.3.1.x/user-manual/connecting/connecting-lan/lan-os/lan-ios>`_.
 
@@ -12,7 +12,7 @@ This applies to iOS v15 and v16.  For older versions, see the `v14 guide </0.3.1
    .. note::
       In order to do this, open Safari and visit your Start9 server's .local URL while connected to WiFi, but make sure it is prefixed with ``http://`` and not ``https://``.
 
-      Log in using your password, then click the hamburger (3 lines) menu at the top right, select System > LAN > Download Certificate.  It may say `This website is trying to download a configuration profile.  Do you want to allow this?` Click `Allow`.
+      Log in using your password, then click the hamburger (3 lines) menu at the top right, select **System** > **Root CA** > **Download Root CA**.  It may say `This website is trying to download a configuration profile.  Do you want to allow this?` Click `Allow`.
 
       Once this is done, you can skip to step 3, below.
       

site/source/guides/device-guides/dg-linux/lan-linux.rst

@@ -3,7 +3,7 @@
 ================================
 Trusting Your Start9 CA on Linux
 ================================
-Complete this guide to download your Start9 server's Root Certificate Authority (CA), and trust it on your client device (Windows).  This allows you to use encrypted ``https`` connections to your ``.local`` (LAN) and ``.onion`` (tor) server addresses, access services on LAN, and enhances performance on tor.  The self-signed certificate was created by your server when you perfomed the initial setup, and applies to your server's main UI connection, as well as all service connections.
+Complete this guide to download your Start9 server's Root Certificate Authority (CA), and trust it on your client device (Windows).  This allows you to use encrypted ``https`` connections to your ``.local`` (LAN) and ``.onion`` (tor) server addresses, access services on LAN, and enhances performance on tor.  The Root CA was created by your server when you perfomed the initial setup, and signs the certificate of your server's main UI, as well as that of all services.
 
 .. caution:: If you cannot connect following this guide, you may be using an application (such as Firefox) that is installed in a jailed environment, such as an appimage, flatpak, or snap.  Please try an alternate install method if so.
 
@@ -11,11 +11,11 @@ Download Root CA
 ----------------
 First, download your Start9 server's Root CA, if you have not already.
 
-    - Navigate to *System > LAN*, then click "Download Certificate".
+    - Navigate to **System** -> **Root CA**, then click "Download Root CA".
 
       .. figure:: /_static/images/ssl/lan_setup.png
         :width: 40%
-        :alt: LAN setup menu item
+        :alt: Navigate to System > Root CA
 
 Alternatively, you can download to another machine, then transfer the file to your device.
 

site/source/guides/device-guides/dg-mac/lan-mac.rst

@@ -3,15 +3,15 @@
 ================================
 Trusting Your Start9 CA on macOS
 ================================
-Complete this guide to download your Start9 server's Root Certificate Authority (CA), and trust it on your client device (Mac).  This allows you to use encrypted ``https`` connections to your ``.local`` (LAN) and ``.onion`` (tor) server addresses, access services on LAN, and enhances performance on tor.  The self-signed certificate was created by your server when you perfomed the initial setup, and applies to your server's main UI connection, as well as all service connections.
+Complete this guide to download your Start9 server's Root Certificate Authority (CA), and trust it on your client device (Mac).  This allows you to use encrypted ``https`` connections to your ``.local`` (LAN) and ``.onion`` (tor) server addresses, access services on LAN, and enhances performance on tor.  The Root CA was created by your server when you perfomed the initial setup, and signs the certificate of your server's main UI, as well as that of all services.
 
 #. In your Start9 server's UI, navigate to **System** -> **LAN**
 
     .. figure:: /_static/images/ssl/macos/trust-cert-macos-1-system-lan.png
         :width: 60%
-        :alt: Navigate to System > LAN
+        :alt: Navigate to System > Root CA
 
-#. Click **Download Certificate** and your browser will either automatically save the certificate to your Downloads folder or ask you where to save it:
+#. Click **Download Root CA** and your browser will either automatically save the certificate to your Downloads folder or ask you where to save it:
 
     .. figure:: /_static/images/ssl/macos/trust-cert-macos-2-download_cert.png
         :width: 60%

site/source/guides/device-guides/dg-windows/lan-windows.rst

@@ -3,7 +3,7 @@
 ==================================
 Trusting Your Start9 CA On Windows
 ==================================
-Complete this guide to download your Start9 server's Root Certificate Authority (CA), and trust it on your client device (Windows).  This allows you to use encrypted ``https`` connections to your ``.local`` (LAN) and ``.onion`` (tor) server addresses, access services on LAN, and enhances performance on tor.  The self-signed certificate was created by your server when you perfomed the initial setup, and applies to your server's main UI connection, as well as all service connections.
+Complete this guide to download your Start9 server's Root Certificate Authority (CA), and trust it on your client device (Windows).  This allows you to use encrypted ``https`` connections to your ``.local`` (LAN) and ``.onion`` (tor) server addresses, access services on LAN, and enhances performance on tor.  The Root CA was created by your server when you perfomed the initial setup, and signs the certificate of your server's main UI, as well as that of all services.
 
 Unfortunately, Windows does not have mDNS alias support built-in, which is necessary in order to visit .local addresses for any service you install on your Start9 server, so we recommend using the Bonjour service. Check out this :ref:`FAQ answer<why-bonjour>` for details.
 
@@ -31,11 +31,11 @@ Download Root CA
 ----------------
 Download your Start9 server's Root CA, if you have not already.
 
-    - Navigate to *System > LAN*, then click "Download Certificate".
+    - Navigate to **System** -> **Root CA**, then click "Download Root CA".
 
       .. figure:: /_static/images/ssl/lan_setup.png
         :width: 40%
-        :alt: LAN setup menu item
+        :alt: Navigate to System > Root CA
 
 Alternatively, you can download the Root CA to another machine, then transfer the file to your client device.
 

site/source/support/concepts/networks.rst

@@ -46,11 +46,11 @@ Remote connections to your server (when you are on the go) are handled via :ref:
 
 By default, this ``.local`` address is served like a regular website, over HTTP. Browsers make it noticeable when visiting a site over HTTP in the URL bar - it could be red, show an unlocked lock, or warn that the connection is not secure.
 
-SSL certificates are what enable websites to move from HTTP to HTTPS, which increases security and makes browsers happy (a happy 'green lock' icon, instead of an angry 'red unlocked' one in the URL bar). Using the Secure Sockets Layer protocol, HTTPS enabled websites use certificates to establish authenticated and encrypted links between networked computers. This is the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two devices, preventing third parties from reading and modifying any personal information transferred. These certificates also verify ownership of a website.
+SSL certificates are what enable websites to move from HTTP to HTTPS, which increases security and makes browsers happy (a happy 'green lock' icon, instead of an angry 'red unlocked' one in the URL bar). Using the Transport Layer Security protocol (TLS, aka SSL), HTTPS-enabled websites use certificates to establish authenticated and encrypted links between networked computers. This is the standard technology for keeping an internet connection secure and safeguarding any sensitive data that is being sent between two devices, preventing third parties from reading and modifying any personal information transferred. These certificates also verify ownership of a website.
 
 Valid SSL certificates are typically issued and obtained from Certificate Authorities. These trusted third parties generate and distribute certificates, signing them with their trusted private key, which allows the clients who use them to verify their authenticity. Websites obtain a certificate from a CA then load it onto their website's hosting service or server, allowing the website to load over HTTPS and have all traffic to and from the website be encrypted and secure.
 
-We decided to have StartOS act as a Certificate Authority (CA). It creates a self-signed certificate, which means that the private key used to sign the digital certificate is your server's own private key instead of a third party's.  
+We decided to have StartOS act as a Certificate Authority (CA). It signs all of your server's certificates, which means that the private key used to sign each digital certificate is your server's own private key instead of a third party's.
 
 When you setup SSL for StartOS and a client device, the certificate communicates to the client (a browser) that the server demonstrated ownership of the domain (``<custom-address>.local``) to the certificate authority at the time of certificate issuance (during the setup process). The StartOS dashboard can then be accessed from a home network (LAN) using a secure HTTPS connection!  You own this entire stack and no third party can interfere.