elastic · KOTungseth · Dec 15, 2022 · Nov 18, 2022 · Nov 28, 2022 · Nov 28, 2022
diff --git a/docs/CHANGELOG.asciidoc b/docs/CHANGELOG.asciidoc
diff --git a/docs/developer/architecture/development-visualize-index.asciidoc b/docs/developer/architecture/development-visualize-index.asciidoc
@@ -19,7 +19,7 @@ We would recommend waiting until later in `7.x` to upgrade your plugins if possi
 If you would like to keep up with progress on the visualizations plugin in the meantime,
 here are a few resources:
 
-* The <<breaking-changes-8.0.0,breaking changes>> documentation, where we try to capture any changes to the APIs as they occur across minors.
+* The {kibana-ref-all}/8.0/release-notes-8.0.0.html#breaking-changes-8.0.0[8.0.0 breaking changes], where we try to capture any changes to the APIs as they occur across minors.
 * link:https://github.com/elastic/kibana/issues/44121[Meta issue] which is tracking the move of the plugin to the new {kib} platform
 * Our link:https://www.elastic.co/blog/join-our-elastic-stack-workspace-on-slack[Elastic Stack workspace on Slack].
 * The {kib-repo}blob/{branch}/src/plugins/visualizations[source code], which will continue to be

diff --git a/docs/settings/alert-action-settings.asciidoc b/docs/settings/alert-action-settings.asciidoc
@@ -8,7 +8,7 @@
 Alerting and actions are enabled by default in {kib}, but require you to configure the following:
 
 . <<using-kibana-with-security,Set up {kib} to work with {stack} {security-features}>>.
-. <<configuring-tls-kib-es,Set up TLS encryption between {kib} and {es}>>.
+. {ref}/security-basic-setup-https.html#encrypt-kibana-elasticsearch[Encrypt traffic between {kib} and {es}].
 . If you are using an *on-premises* Elastic Stack deployment, <<general-alert-action-settings,specify a value for `xpack.encryptedSavedObjects.encryptionKey`>>.
 
 You can configure the following settings in the `kibana.yml` file.

diff --git a/docs/setup/configuring-reporting.asciidoc b/docs/setup/configuring-reporting.asciidoc
@@ -214,7 +214,7 @@ To automatically generate reports with {watcher}, you must configure {watcher} t
 
 . Enable {stack-security-features} on your {es} cluster. For more information, see {ref}/security-getting-started.html[Getting started with security].
 
-. Configure TLS/SSL encryption for the {kib} server. For more information, see <<configuring-tls>>.
+. Configure TLS/SSL encryption for the {kib} server. For more information, check {ref}/security-basic-setup-https.html#encrypt-kibana-http[Encrypt HTTP client communications for {kib}].
 
 . Specify the {kib} server CA certificate chain in `elasticsearch.yml`:
 +

diff --git a/docs/setup/upgrade/upgrade-standard.asciidoc b/docs/setup/upgrade/upgrade-standard.asciidoc
@@ -31,7 +31,7 @@ Different versions of {kib} running against the same {es} index, such as during
 +
 
 Make sure you remove or update any configurations
-that are indicated in the <<breaking-changes-8.0.0,breaking changes>> documentation
+that are indicated in the {kibana-ref-all}/8.0/release-notes-8.0.0.html#breaking-changes-8.0.0[8.0.0 breaking changes],
 otherwise {kib} will fail to start.
 --
 . Upgrade any plugins by removing the existing plugin and reinstalling the
@@ -52,7 +52,7 @@ and becomes a new instance in the monitoring data.
 --
 . Copy the files from the `config` directory from your old installation to your
   new installation. Make sure you remove or update any configurations that are
-  indicated in the <<breaking-changes-8.0.0,breaking changes>> documentation
+  indicated in the {kibana-ref-all}/8.0/release-notes-8.0.0.html#breaking-changes-8.0.0[8.0.0 breaking changes],
   otherwise {kib} will fail to start.
 . Copy the files from the `data` directory from your old installation to your
   new installation.

diff --git a/docs/user/monitoring/monitoring-kibana.asciidoc b/docs/user/monitoring/monitoring-kibana.asciidoc
@@ -105,7 +105,7 @@ valid user ID and password in the `elasticsearch.username` and
 `elasticsearch.password` settings in the `kibana.yml` file. These values are
 used when {kib} sends monitoring data to the production cluster.
 
-.. <<configuring-tls-kib-es,Configure encryption for traffic between {kib} and {es}>>.
+.. {ref}/security-basic-setup-https.html#encrypt-kibana-elasticsearch[Encrypt traffic between {kib} and {es}].
 
 . <<start-stop,Start {kib}>>.
 

diff --git a/docs/user/monitoring/viewing-metrics.asciidoc b/docs/user/monitoring/viewing-metrics.asciidoc
@@ -56,7 +56,7 @@ If these settings are omitted, {kib} uses the `elasticsearch.username` and
 information, see {kibana-ref}/using-kibana-with-security.html[Configuring security in {kib}].
 
 . (Optional) Configure {kib} to encrypt communications between the {kib} server
-and the monitoring cluster. See <<configuring-tls>>.
+and the monitoring cluster. For more information, check {ref}/security-basic-setup-https.html#encrypt-kibana-http[Encrypt HTTP client communications for {kib}].
 
 . If the Elastic {security-features} are enabled on the {kib} server, only users
 that have the authority to access {kib} indices and to read the monitoring indices

diff --git a/docs/user/security/authentication/index.asciidoc b/docs/user/security/authentication/index.asciidoc
@@ -117,7 +117,7 @@ access tokens. All subsequent requests to {es} APIs on behalf of users will be a
 
 Prior to configuring {kib}, ensure that the PKI realm is enabled in {es} and configured to permit delegation. See {ref}/configuring-pki-realm.html[Configuring a PKI realm] for more information.
 
-To enable the PKI authentication provider in {kib}, you must first <<configuring-tls,configure {kib} to encrypt communications between the browser and {kib} server>>. You must also enable TLS client authentication and include the certificate authority (CA) used to sign client certificates into a list of CAs trusted by {kib} in your `kibana.yml`:
+To enable the PKI authentication provider in {kib}, you must first {ref}/security-basic-setup-https.html#encrypt-kibana-http[configure {kib} to encrypt communications between the browser and {kib} server]. You must also enable TLS client authentication and include the certificate authority (CA) used to sign client certificates into a list of CAs trusted by {kib} in your `kibana.yml`:
 
 NOTE: You can configure only one PKI provider per {kib} instance.
 

diff --git a/docs/user/security/securing-communications/elasticsearch-mutual-tls.asciidoc b/docs/user/security/securing-communications/elasticsearch-mutual-tls.asciidoc
@@ -46,7 +46,7 @@ If you haven't already, start {kib} and connect it to {es} using the
 --
 {kib} uses the client certificate and corresponding private key when connecting to {es}.
 
-NOTE: This is not the same as the <<configuring-tls-browser-kib,server certificate>> that {kib} will present to web browsers.
+NOTE: This is not the same as the {ref}/security-basic-setup-https.html#encrypt-kibana-http[server certificate] that {kib} will present to web browsers.
 
 You may choose to generate a client certificate and private key using the {ref}/certutil.html[`elasticsearch-certutil`] tool. If you followed the {es} documentation for {ref}/security-basic-setup.html#generate-certificates[generating the certificates authority], then you already have a certificate authority (CA) to sign
 the {es} server certificate. You may choose to use the same CA to sign the {kib}