[DOCS-10975] add Windows steps for PL root certificates (#29485)

* add Windows steps for PL root certificates

* remove stray </a> tag

* add standalone process

* fixing windows command

* fixing some vale stuff

* fixing period

* Apply suggestions from code review

Co-authored-by: Joe Peeples <[email protected]>

* fixes from Joe's review

---------

Co-authored-by: Joe Peeples <[email protected]>

Author: aliciascott

content/en/synthetics/platform/private_locations/_index.md

@@ -666,7 +666,50 @@ For more information about private locations parameters for admins, see [Configu
 
 You can upload custom root certificates to your private locations to have your API and browser tests perform the SSL handshake using your own `.pem` files.
 
-When spinning up your private location containers, mount the relevant certificate `.pem` files to `/etc/datadog/certs` in the same way you mount your private location configuration file. These certificates are considered trusted CA and are used at test runtime. **Note**: If you combine all your `.pem` files into one file, then the order in which the certificates are placed matters. It is required that the intermediate certificate precedes the root certificate to successfully establish a chain of trust.
+{{< tabs >}}
+{{% tab "Linux container" %}}
+
+When spinning up your private location containers, mount the relevant certificate `.pem` files to `/etc/datadog/certs` in the same way you mount your private location configuration file. These certificates are considered trusted CA and are used at test runtime. 
+
+<div class="alert alert-info"><strong>Note</strong>: If you combine all your <code>.pem</code> files into one file, the sequence of the certificates within the file is important. It is required that the intermediate certificate precedes the root certificate to successfully establish a chain of trust.</div>
+
+{{% /tab %}}
+
+{{% tab "Windows service" %}}
+
+To install root certificates for private locations on a Windows service, use the following steps:
+
+1. Open the Registry Editor App.
+2. Navigate to the entry `Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\synthetics-private-location`.
+3. Create a Registry key named `Environment` with the `Multi-string` value type.
+
+<div class="alert alert-info"><strong>Note</strong>: Your certificate needs to be in the same folder as the your Synthetic Monitoring Service:
+default: <code>C:\Program Files\Datadog-Synthetics\Synthetics</code>.</div>
+
+4. Set the value `NODE_EXTRA_CA_CERTS=C:\Program Files\Datadog-Synthetics\Synthetics\CACert.pem`
+
+   {{< img src="synthetics/private_locations/windows_pl_set_service.png" alt="Your image description" style="width:100%;" >}}
+
+5. Open the Services App and reload the Datadog Synthetic Monitoring Private Location service.
+
+{{% /tab %}}
+
+{{% tab "Windows standalone" %}}
+
+To install root certificates for private locations on a standalone Windows process with `synthetics-private-location.exe`, use the following steps:
+
+1. Open your Windows command prompt or PowerShell.
+
+2. Set the environment variable and call the executable.
+
+Example:
+
+```text
+set NODE_EXTRA_CA_CERTS=C:\Program Files\Datadog-Synthetics\Synthetics\CACert.pem && .\synthetics-private-location.exe --config "C:\ProgramData\Datadog-Synthetics\Synthetics\worker-config.json"
+```
+
+{{% /tab %}}
+{{< /tabs >}}
 
 #### Set up liveness and readiness probes