[DOCS] Removes unnecessary section

lcawl · lcawl · commit 88e0c43bf9e3 · 2019-11-18T15:45:48.000-08:00
diff --git a/docs/reference/redirects.asciidoc b/docs/reference/redirects.asciidoc
@@ -1004,7 +1004,7 @@ See <<kerberos-realm-configuration>>.
 [role="exclude",id="configuring-pki-realm"]
 === Configuring a PKI realm
 
-See <<pki-realm-configuration>>.
+See <<pki-realm>>.
 
 [role="exclude",id="pki-settings"]
 ==== PKI realm settings
diff --git a/x-pack/docs/en/security/authentication/configuring-pki-realm.asciidoc b/x-pack/docs/en/security/authentication/configuring-pki-realm.asciidoc
@@ -1,15 +1,3 @@
-You can configure {es} to use Public Key Infrastructure (PKI) certificates to
-authenticate users. This requires clients connecting directly to {es} to
-present X.509 certificates. The certificates must first be accepted for
-authentication on the SSL/TLS layer on {es}. Only then they are optionally
-further validated by a PKI realm.
-
-Users may also use PKI certificates to authenticate to {kib}, however this
-requires some <<pki-realm-for-proxied-clients,additional configuration>>. On
-{es}, this configuration enables {kib} to act as a proxy for SSL/TLS
-authentication and to submit the client certificates to {es} for further
-validation by a PKI realm.
-
 [[pki-realm-for-direct-clients]]
 ==== PKI authentication for clients connecting directly to {es}
 
@@ -278,4 +266,3 @@ PUT /_security/role_mapping/direct_pki_only
 
 <1> only when this metadata field is set (it is *not* `null`) the user has been
 authenticated in the delegation scenario.
-
diff --git a/x-pack/docs/en/security/authentication/pki-realm.asciidoc b/x-pack/docs/en/security/authentication/pki-realm.asciidoc
@@ -2,11 +2,17 @@
 [[pki-realm]]
 === PKI user authentication
 
-You can configure {stack} {security-features} to use Public Key Infrastructure
-(PKI) certificates to authenticate users in {es}. This requires clients to
-present X.509 certificates.
+You can configure {es} to use Public Key Infrastructure (PKI) certificates to
+authenticate users. This requires clients connecting directly to {es} to
+present X.509 certificates. The certificates must first be accepted for
+authentication on the SSL/TLS layer on {es}. Only then they are optionally
+further validated by a PKI realm.
 
-You can use PKI certificates to authenticate users in {es} as well as {kib}.
+You can also use PKI certificates to authenticate to {kib}, however this
+requires some <<pki-realm-for-proxied-clients,additional configuration>>. On
+{es}, this configuration enables {kib} to act as a proxy for SSL/TLS
+authentication and to submit the client certificates to {es} for further
+validation by a PKI realm.
 
 To use PKI in {es}, you configure a PKI realm, enable client authentication on
 the desired network layers (transport or http), and map the Distinguished Names
@@ -18,7 +24,4 @@ you must configure the {es} PKI realm to
 <<pki-realm-for-proxied-clients,allow delegation>> and to
 {kibana-ref}/kibana-authentication.html#pki-authentication[enable PKI authentication in {kib}].
 
-[[pki-realm-configuration]]
-==== Configuring a PKI realm
-
 include::configuring-pki-realm.asciidoc[]
