diff --git a/reference/fleet/secure-connections.md b/reference/fleet/secure-connections.md
index a82efe5337..94dc4cb2c7 100644
--- a/reference/fleet/secure-connections.md
+++ b/reference/fleet/secure-connections.md
@@ -90,10 +90,10 @@ For the steps in this section, imagine you have the following files:
| | |
| --- | --- |
-| `ca.crt` | The CA certificate to use to connect to {{fleet-server}}. This is theCA used to [generate a certificate and key](#generate-fleet-server-certs)for {{fleet-server}}. |
+| `ca.crt` | The CA certificate to use to connect to {{fleet-server}}. This is the CA used to [generate a certificate and key](#generate-fleet-server-certs) for {{fleet-server}}. |
| `fleet-server.crt` | The certificate you generated for {{fleet-server}}. |
| `fleet-server.key` | The private key you generated for {{fleet-server}}.
If the `fleet-server.key` file is encrypted with a passphrase, the passphrase will need to be specified through a file. |
-| `elasticsearch-ca.crt` | The CA certificate to use to connect to {{es}}. This is the CA used to generatecerts for {{es}} (see [Prerequisites](#prereqs)).
Note that the CA certificate’s SHA-256 fingerprint (hash) may be used instead of the `elasticsearch-ca.crt` file for securing connections to {{es}}. |
+| `elasticsearch-ca.crt` | The CA certificate to use to connect to {{es}}. This is the CA used to generate certs for {{es}} (see [Prerequisites](#prereqs)).
Note that the CA certificate’s SHA-256 fingerprint (hash) may be used instead of the `elasticsearch-ca.crt` file for securing connections to {{es}}. |
To encrypt traffic between {{agent}}s, {{fleet-server}}, and {{es}}: