apache · moonming · Apr 7, 2023 · Apr 3, 2023
diff --git a/docs/en/latest/tutorials/client-to-apisix-mtls.md b/docs/en/latest/tutorials/client-to-apisix-mtls.md
@@ -89,9 +89,9 @@ curl -X PUT 'http://127.0.0.1:9180/apisix/admin/ssls/1' \
 ```
 
 - `sni`: Specify the domain name (CN) of the certificate. When the client tries to handshake with APISIX via TLS, APISIX will match the SNI data in `ClientHello` with this field and find the corresponding server certificate for handshaking.
-- `cert`: The public key of the server certificate.
+- `cert`: The server certificate.
 - `key`: The private key of the server certificate.
-- `client.ca`: The public key of the client's certificate. For demonstration purposes, the same `CA` is used here.
+- `client.ca`: The CA (certificate authority) file to verfiy the client certificate. For demonstration purposes, the same `CA` is used here.
 
 ### Configure the route in APISIX
 

diff --git a/docs/zh/latest/tutorials/client-to-apisix-mtls.md b/docs/zh/latest/tutorials/client-to-apisix-mtls.md
@@ -80,7 +80,7 @@ curl -X PUT 'http://127.0.0.1:9180/apisix/admin/ssls/1' \
 --header 'Content-Type: application/json' \
 --data-raw '{
     "sni": "test.com",
-    "cert": "<服务器证书公钥>",
+    "cert": "<服务器证书>",
     "key": "<服务器证书私钥>",
     "client": {
         "ca": "<客户端证书公钥>"
@@ -89,9 +89,9 @@ curl -X PUT 'http://127.0.0.1:9180/apisix/admin/ssls/1' \
 ```
 
 - `sni`：指定证书的域名（CN），当客户端尝试通过 TLS 与 APISIX 握手时，APISIX 会将 `ClientHello` 中的 SNI 数据与该字段进行匹配，找到对应的服务器证书进行握手。
-- `cert`：服务器证书的公钥。
+- `cert`：服务器证书。
 - `key`：服务器证书的私钥。
-- `client.ca`：客户端证书的公钥。为了演示方便，这里使用了同一个 `CA`。
+- `client.ca`：用来验证客户端证书的 CA 文件。为了演示方便，这里使用了同一个 `CA`。
 
 ### 配置测试路由