diff --git a/docs/configure_https.md b/docs/configure_https.md
index 215f0738c..768636ced 100644
--- a/docs/configure_https.md
+++ b/docs/configure_https.md
@@ -1,6 +1,6 @@
 # Configuring Harbor with HTTPS Access
 
-Because Harbor does not ship with any certificates, it uses HTTP by default to serve registry requests. However, using HTTP is acceptable only in air-gapped test or development environments that do not have a connection to the external internet. Using HTTP in environments that are not air-gapped exposes you to man-in-the-middle attacks. In production environments, always use HTTPS. If you enable Content Trust with Notary, you must use HTTPS. 
+Because Harbor does not ship with any certificates, it uses HTTP by default to serve registry requests. However, using HTTP is acceptable only in air-gapped test or development environments that do not have a connection to the external internet. Using HTTP in environments that are not air-gapped exposes you to man-in-the-middle attacks. In production environments, always use HTTPS. If you enable Content Trust with Notary to properly sign all images, you must use HTTPS. 
 
 Harbor uses an `nginx` instance as a reverse proxy for all services. You use the `prepare` script to configure `nginx` to enable HTTPS.
 
diff --git a/docs/installation_guide.md b/docs/installation_guide.md
index d8e6ebeea..b61f093ca 100644
--- a/docs/installation_guide.md
+++ b/docs/installation_guide.md
@@ -91,7 +91,7 @@ After the initial deployment and after you have started Harbor, you perform addi
 
 The table below lists the parameters that must be set when you deploy Harbor. At the very least, you must update the `hostname` parameter.
 
-**IMPORTANT**: Harbor does not ship with any certificates, and by default uses HTTP to serve registry requests. This is acceptable only in air-gapped test or development environments. In production environments, always use HTTPS. If you enable Content Trust with Notary, you must use HTTPS. 
+**IMPORTANT**: Harbor does not ship with any certificates, and by default uses HTTP to serve registry requests. This is acceptable only in air-gapped test or development environments. In production environments, always use HTTPS. If you enable Content Trust with Notary to properly sign all images, you must use HTTPS. 
   
 You can use certificates that are signed by a trusted third-party CA, or you can use self-signed certificates. For information about how to create a CA, and how to use a CA to sign a server certificate and a client certificate, see **[Configuring Harbor with HTTPS Access](configure_https.md)**.