diff --git a/docs/static/releasenotes.asciidoc b/docs/static/releasenotes.asciidoc
index 505bc33b543..9d603405a63 100644
--- a/docs/static/releasenotes.asciidoc
+++ b/docs/static/releasenotes.asciidoc
@@ -120,6 +120,42 @@ This section summarizes the changes in the following releases:
 [[logstash-8-8-0]]
 === Logstash 8.8.0 Release Notes
 
+[[known-issues-8.8.0]]
+==== Known issues
+
+Logstash 8.8.0 may fail to start when SSL/TLS is enabled
+in monitoring and/or central management, due to a change introduced in version 11.14.0 of the https://github.com/logstash-plugins/logstash-output-elasticsearch[logstash-output-elasticsearch] plugin. 
+When impacted by this issue, Logstash fails to start and logs an error similar to the following:
+
+```
+[logstash.licensechecker.licensereader] Failed to perform request {:message=>"PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target", :exception=>Manticore::ClientProtocolException, :cause=>#<Java::JavaxNetSsl::SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target>}
+```
+
+**Resolution**
+
+A successful Elasticsearch output plugin update to version `11.15.8` or higher will
+resolve this issue:
+
+```
+bin/logstash-plugin update logstash-output-elasticsearch
+```
+
+OR
+
+Specify the `ca_trusted_fingerprint` setting in the `logstash.yml`.
+The certificate fingerprint can be extract with:
+
+```
+cat your_ca.cert | openssl x509 -outform der | sha256sum | awk '{print $1}'
+```
+
+Then set the following on `logstash.yml` using the output from the previous command:
+
+```
+xpack.monitoring.elasticsearch.ssl.ca_trusted_fingerprint: "<value>"
+xpack.management.elasticsearch.ssl.ca_trusted_fingerprint: "<value>"
+```
+
 [[notable-8.8.0]]
 ==== Notable issues fixed