diff --git a/docs/webhooks/03-Mutual-TLS.md b/docs/webhooks/03-Mutual-TLS.md
index 2eeb523..c9a3f71 100644
--- a/docs/webhooks/03-Mutual-TLS.md
+++ b/docs/webhooks/03-Mutual-TLS.md
@@ -21,10 +21,10 @@ These steps assume you already have server authentication setup.
 
 In general, there are five steps needed to turn on client authentication for your server:
 
-1. Download the PEM version of the [DigiCert Global Root CA](https://cacerts.digicert.com/DigiCertGlobalRootCA.crt.pem) certificate.
+1. Download the PEM version of the DigiCert Root certificate from our [Public Certificates Page](../../docs/webhooks/08-Certificates.md).
 2. Turn on client certificate verification. 
 3. Specify the CA certificate from step 1 as trusted.
-4. Set the verification depth to 2 since our PagerDuty certificate is actually signed by the [DigiCert SHA2 Secure Server CA](https://dl.cacerts.digicert.com/DigiCertSHA2SecureServerCA.crt) which is an intermediate CA under DigiCert Global Root CA.
+4. Set the verification depth to 2 since our PagerDuty certificate is actually signed by an intermediate.
 5. Verify the client certificate is actually from PagerDuty by inspecting its Subject Domain Name.
 
 Now we will go over sample server configurations for NGINX and Apache.