diff --git a/docs-web/configuration/policy-resource.md b/docs-web/configuration/policy-resource.md
index 0c61b7fa26..02ef727a05 100644
--- a/docs-web/configuration/policy-resource.md
+++ b/docs-web/configuration/policy-resource.md
@@ -275,7 +275,7 @@ For example, the following policy will verify a client certificate using the CA
 ```yaml
 ingressMTLS:
   clientCertSecret: ingress-mtls-secret
-  verifyClient: on
+  verifyClient: "on"
   verifyDepth: 1
 ```
 
@@ -314,7 +314,7 @@ We use the `requestHeaders` of the [Action.Proxy](/nginx-ingress-controller/conf
      - ``string``
      - Yes
    * - ``verifyClient``
-     - Verification for the client. Possible values are ``on``, ``off``, ``optional``, ``optional_no_ca``. The default is ``on``.
+     - Verification for the client. Possible values are ``"on"``, ``"off"``, ``"optional"``, ``"optional_no_ca"``. The default is ``"on"``.
      - ``string``
      - No
    * - ``verifyDepth``
diff --git a/examples-of-custom-resources/ingress-mtls/ingress-mtls.yaml b/examples-of-custom-resources/ingress-mtls/ingress-mtls.yaml
index 3e73db28bc..c6caedea89 100644
--- a/examples-of-custom-resources/ingress-mtls/ingress-mtls.yaml
+++ b/examples-of-custom-resources/ingress-mtls/ingress-mtls.yaml
@@ -5,5 +5,5 @@ metadata:
 spec:
   ingressMTLS:
     clientCertSecret: ingress-mtls-secret
-    verifyClient: on
+    verifyClient: "on"
     verifyDepth: 1