diff --git a/security/certificate_types_descriptions/bootstrap-certificates.adoc b/security/certificate_types_descriptions/bootstrap-certificates.adoc
index 8b56554e22..8e053eb4a1 100644
--- a/security/certificate_types_descriptions/bootstrap-certificates.adoc
+++ b/security/certificate_types_descriptions/bootstrap-certificates.adoc
@@ -8,7 +8,7 @@ toc::[]
 
 == Purpose
 
-The kubelet, in {product-title} 4 and later, uses the bootstrap certificate located in `/etc/kubernetes/kubeconfig` to initially bootstrap. This is followed by the link:https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet-tls-bootstrapping/#bootstrap-initialization[bootstrap initialization process] and link:https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet-tls-bootstrapping/#authorize-kubelet-to-create-csr[authorization of the kubelet to create a CSR].
+The kubelet, in {product-title} 4 and later, uses the bootstrap certificate located in `/etc/kubernetes/kubeconfig` to initially bootstrap. This is followed by the link:https://kubernetes.io/docs/reference/access-authn-authz/kubelet-tls-bootstrapping/#bootstrap-initialization[bootstrap initialization process] and link:https://kubernetes.io/docs/reference/access-authn-authz/kubelet-tls-bootstrapping/#authorize-kubelet-to-create-csr[authorization of the kubelet to create a CSR].
 
 In that process, the kubelet generates a CSR while communicating over the bootstrap channel. The controller manager signs the CSR, resulting in a certificate that the kubelet manages.