restore stuff removed in bad edit

Author: shainaraskas

deploy-manage/security/k8s-transport-settings.md

@@ -39,7 +39,7 @@ When you change the `clusterIP` setting of the service, ECK deletes and re-creat
 
 ## Configure a custom Certificate Authority [k8s-transport-ca]
 
-{{es}} uses X.509 certificates to establish encrypted and authenticated connections across nodes in the cluster. By default, ECK creates a CA to issue a self-signed certificate [for each node in the cluster](/deploy-manage/security/set-up-basic-security.md#encrypt-internode-communication).
+{{es}} uses X.509 certificates to establish encrypted and authenticated connections across nodes in the cluster. By default, ECK creates a self-signed CA certificate to issue a certificate [for each node in the cluster](/deploy-manage/security/set-up-basic-security.md#encrypt-internode-communication).
 
 You can use a Kubernetes secret to provide your own CA instead of the self-signed certificate that ECK will then use to create node certificates for transport connections. The CA certificate must be stored in the secret under `ca.crt` and the private key must be stored under `ca.key`.
 

deploy-manage/security/same-ca.md

@@ -14,7 +14,7 @@ products:
 # Same CA [update-node-certs-same]
 
 
-This procedure assumes that the you have access to the certificate and key that was originally generated (or otherwise held by your organization) and used to sign the node certificates currently in use. It also assumes that the clients connecting to {{es}} on the HTTP layer are configured to trust the certificate.
+This procedure assumes that the you have access to the CA certificate and key that was originally generated (or otherwise held by your organization) and used to sign the node certificates currently in use. It also assumes that the clients connecting to {{es}} on the HTTP layer are configured to trust the CA certificate.
 
 If you have access to the certificate authority (CA) used to sign your existing certificates, you only need to replace the certificates and keys for each node in your cluster. If you replace your existing certificates and keys on each node and use the same filenames, {{es}} reloads the files starts using the new certificates and keys.