mongodb · jeff-allen-mongo · Jul 14, 2021 · Jul 14, 2021
diff --git a/source/appendix/security/appendixC-openssl-client.txt b/source/appendix/security/appendixC-openssl-client.txt
@@ -174,10 +174,9 @@ B. Generate the Test PEM File for Client
 
          mongosh --tls --tlsCertificateSelector subject="<TestClientCertificateCommonName>"
 
-      Although still available, :option:`--ssl <mongosh --ssl>` and
-      :option:`--sslCertificateSelector <mongo
-      --sslCertificateSelector>` are :ref:`deprecated as of MongoDB 4.2
-      <4.2-tls>`.
+      Although still available, ``--ssl`` and
+      ``--sslCertificateSelector`` are
+      :ref:`deprecated as of MongoDB 4.2 <4.2-tls>`.
 
       **For MongoDB 4.0 and earlier**
 

diff --git a/source/core/security-x.509.txt b/source/core/security-x.509.txt
@@ -84,12 +84,12 @@ To connect and authenticate using x.509 client certificate:
 
 - For MongoDB 4.0 and earlier, include the following options for the client:
 
-  - :option:`--ssl <mongosh --ssl>`
+  - ``--ssl``
 
-  - :option:`--sslPEMKeyFile <mongosh --sslPEMKeyFile>`
+  - ``--sslPEMKeyFile``
 
-  - :option:`--sslPEMKeyPassword <mongosh --sslPEMKeyPassword>` option if
-    the :option:`--sslPEMKeyFile <mongosh --sslPEMKeyFile>` is encrypted.
+  - ``--sslPEMKeyPassword`` option if
+    the ``--sslPEMKeyFile`` is encrypted.
 
   - :option:`--authenticationDatabase '$external' 
     <mongo --authenticationDatabase>`

diff --git a/source/reference/connection-string.txt b/source/reference/connection-string.txt
@@ -449,7 +449,7 @@ Alternatively, you can also use the equivalent :urioption:`ssl=true
 
        If the :binary:`mongo` shell specifies additional
        :ref:`tls/ssl <mongo-shell-ssl>` options from the
-       command-line, use the :option:`--ssl <mongosh --ssl>`
+       command-line, use the ``--ssl``
        command-line option instead.
 
    * - .. urioption:: tlsCertificateKeyFile

diff --git a/source/tutorial/configure-ssl-clients.txt b/source/tutorial/configure-ssl-clients.txt
@@ -201,9 +201,8 @@ On Windows and macOS,
       mongosh --tls  --host hostname.example.com --tlsCertificateSelector subject="myclient.example.net"
 
    Although still available, :mongosh:`mongosh </>`
-   :option:`--ssl <mongosh --ssl>`, :option:`--sslCAFile <mongo
-   --sslCAFile>`, :option:`--sslPEMKeyFile <mongosh --sslPEMKeyFile>`,
-   :option:`--sslCertificateSelector <mongosh --sslCertificateSelector>`
+   ``--ssl``, ``--sslCAFile``, ``--sslPEMKeyFile``, and
+   ``--sslCertificateSelector`` options
    are :ref:`deprecated as of MongoDB 4.2 <4.2-tls>`.
 
 Avoid Use of ``--tlsAllowInvalidCertificates`` Option
@@ -243,31 +242,31 @@ Avoid Use of ``--tlsAllowInvalidCertificates`` Option
    * - SSL Option (Deprecated in 4.2)
      - Notes
 
-   * - :option:`--ssl <mongosh --ssl>`
+   * - ``--ssl``
      - Enables TLS/SSL connection.
 
-   * - :option:`--sslPEMKeyFile <mongosh --sslPEMKeyFile>`
+   * - ``--sslPEMKeyFile``
 
      - Specifies the :file:`.pem` file that contains
        :mongosh:`mongosh </>`'s certificate and key to present to
        the :binary:`~bin.mongod` or :binary:`~bin.mongos` instance.
 
-   * - :option:`--sslPEMKeyPassword <mongosh --sslPEMKeyPassword>`
+   * - ``--sslPEMKeyPassword``
 
      - If :mongosh:`mongosh </>`'s certificate key file is encrypted.
 
-   * - :option:`--sslCAFile <mongosh --sslCAFile>`
+   * - ``--sslCAFile``
 
      - Specifies the Certificate Authority (CA) :file:`.pem` file for
        verification of the certificate presented by the
        :binary:`~bin.mongod` or the :binary:`~bin.mongos` instance.
 
-   * - :option:`--sslCertificateSelector <mongosh --sslCertificateSelector>`
+   * - ``--sslCertificateSelector``
 
      - If running on Windows or macOS, use a certificate from the
        system certificate store. (*New in version 4.0*)
 
-For a complete list of :mongosh:`mongosh </>`'s ``ssl``
+For a complete list of ``ssl``
 options, see :ref:`SSL Options <mongo-shell-ssl>`.
 
 For TLS/SSL connections, :mongosh:`mongosh </>` validates the
@@ -303,7 +302,7 @@ To connect to a :binary:`~bin.mongod` or :binary:`~bin.mongos` instance
 that requires :ref:`encrypted communication <ssl-mongod-ssl-cert-key>`,
 start :mongosh:`mongosh </>` with:
 
-- :option:`--ssl <mongosh --ssl>`
+- ``--ssl``
 
 - :option:`--host <mongosh --host>` and :option:`--sslCAFile <mongo
   --sslCAFile>` to validate the server certificate.
@@ -341,12 +340,12 @@ To connect to a :binary:`~bin.mongod` or :binary:`~bin.mongos` that
 requires :ref:`CA-signed client certificates
 <ssl-mongod-ca-signed-ssl-cert-key>`, start :mongosh:`mongosh </>` with:
 
-- :option:`--ssl <mongosh --ssl>`
+- ``--ssl``
 
 - :option:`--host <mongosh --host>` and the :option:`--sslCAFile <mongo
   --sslCAFile>` to validate the server certificate,
 
-- :option:`--sslPEMKeyFile <mongosh --sslPEMKeyFile>` option to specify
+- ``--sslPEMKeyFile`` option to specify
   the client certificate to present to the server.
 
 For example, consider a :binary:`~bin.mongod` instance running on
@@ -367,9 +366,9 @@ On Windows and macOS,
    You can also use the :option:`--sslCertificateSelector <mongo
    --sslCertificateSelector>` option to specify the client certificate
    from the system certificate store instead of using
-   :option:`--sslPEMKeyFile <mongosh --sslPEMKeyFile>`. If the CA file
+   ``--sslPEMKeyFile``. If the CA file
    is also in the system certificate store, you can omit the
-   :option:`--sslCAFile <mongosh --sslCAFile>` option as well. For
+   ``--sslCAFile`` option as well. For
    example, to use a certificate with the ``CN`` (Common Name) of
    ``myclient.example.net`` and the CA file from the system certificate
    store on macOS, start :mongosh:`mongosh </>` with the following

diff --git a/source/tutorial/configure-x509-client-authentication.txt b/source/tutorial/configure-x509-client-authentication.txt
@@ -463,13 +463,13 @@ authenticate with the client certificate.
               * - Option
                 - Notes
 
-              * - :option:`--ssl <mongosh --ssl>`
+              * - ``--ssl``
                 -
 
-              * - :option:`--sslPEMKeyFile <mongosh --sslPEMKeyFile>`
+              * - ``--sslPEMKeyFile``
                 - Client's x.509 file.
 
-              * - :option:`--sslCAFile <mongosh --sslCAFile>`
+              * - ``--sslCAFile``
 
                 - Certificate Authority file to verify the
                   certificate presented by
@@ -506,13 +506,13 @@ authenticate with the client certificate.
                   * - Option
                     - Notes
 
-                  * - :option:`--ssl <mongosh --ssl>`
+                  * - ``--ssl``
                     -
 
-                  * - :option:`--sslPEMKeyFile <mongosh --sslPEMKeyFile>`
+                  * - ``--sslPEMKeyFile``
                     - Client's x.509 file.
 
-                  * - :option:`--sslCAFile <mongosh --sslCAFile>`
+                  * - ``--sslCAFile``
 
                     - Certificate Authority file to verify the
                       certificate presented by