diff --git a/doc/source/security/kubernetes/configure-docker-registry-certificate-after-installation-c519edbfe90a.rst b/doc/source/security/kubernetes/configure-docker-registry-certificate-after-installation-c519edbfe90a.rst
index 26ddcf3b5..c5cbb0c87 100644
--- a/doc/source/security/kubernetes/configure-docker-registry-certificate-after-installation-c519edbfe90a.rst
+++ b/doc/source/security/kubernetes/configure-docker-registry-certificate-after-installation-c519edbfe90a.rst
@@ -73,6 +73,11 @@ Update the following fields:
           - registry.central
           - <external-FQDN-for-OAM-Floating-IP-Address, if applicable>
 
+   .. note::
+
+      By default after deployment, all system configurations have both OAM and
+      MGMT floating IPs in the docker registry certificate.
+
 
 #. Apply the configuration.
 
diff --git a/doc/source/security/kubernetes/create-certificates-locally-using-openssl.rst b/doc/source/security/kubernetes/create-certificates-locally-using-openssl.rst
index 58e971b27..fe25c20d7 100644
--- a/doc/source/security/kubernetes/create-certificates-locally-using-openssl.rst
+++ b/doc/source/security/kubernetes/create-certificates-locally-using-openssl.rst
@@ -49,7 +49,7 @@ use in a lab environment.
 
         .. code-block:: none
 
-            $ echo subjectAltName = IP:<WRCP-OAM-Floating-IP>,DNS:registry.local,DNS:registry.central > extfile.cnf
+            $ echo subjectAltName = IP:<WRCP-OAM-Floating-IP>,IP:<WRCP-MGMT-Floating-IP>,DNS:registry.local,DNS:registry.central > extfile.cnf
 
     #.  Use the my-root-ca to sign the server certificate.