diff --git a/docs/tlscerts.html.in b/docs/tlscerts.html.in
index 8a74311682..5b7a5f56e4 100644
--- a/docs/tlscerts.html.in
+++ b/docs/tlscerts.html.in
@@ -125,12 +125,12 @@ of the server and clients. There are two distinct checks involved:
server. Checking done by client by matching the certificate that
the server sends to the server's hostname. May be disabled by adding
?no_verify=1
to the
-remote URI.
+remote URI.
@@ -142,7 +142,7 @@ your own CA and tell your server(s) and clients to trust certificates issues by your own CA. Follow the instructions in the next section.
-Be aware that the default +Be aware that the default configuration for libvirtd allows any client to connect provided they have a valid certificate issued by the CA for their own IP address. You may want to change this to make it less (or more) @@ -236,7 +236,7 @@ include the SAN fields.
In the example below, clients will be connecting to the
-server using a URI of
+server using a URI of
qemu://compute1.libvirt.org/system
, so the CN
must be "compute1.libvirt.org
".