Based on a customer case, it appears that the Reissuing internal certificates chapter requires some corrections, as it may be confusing for users.

Currently the chapter has 3 sections:
3.1. Reissuing internal certificates for Central
3.2. Reissuing internal certificates for Scanner
3.3. Reissuing internal certificates for secured clusters

The following changes are proposed:
1. There should be 2 main sections, for Central services and Secured Clusters. Section 3.2 should be a sub-section of 3.1, because it refers to the Scanner component of the Central services.
2. In section 3.1, we are missing instructions for downloading and applying certificates for some of the Central services: central-db, and Scanner V4 (scanner-v4-matcher, scanner-v4-indexer, scanner-v4-db). It looks like the docs were not updated when these were added. The instructions should be identical to the ones we already have for Central and Scanner.
3. It should be made clearer that the Operator refreshes the Central-side certificates automatically. This feature is currently only mentioned in a bullet point that is easy to overlook, leading some customers to believe that all steps must be performed manually.