diff --git a/modules/cert-manager-configuring-routes.adoc b/modules/cert-manager-configuring-routes.adoc
index 40dc6497d785..614b217363a2 100644
--- a/modules/cert-manager-configuring-routes.adoc
+++ b/modules/cert-manager-configuring-routes.adoc
@@ -12,7 +12,7 @@ The following steps demonstrate the process of utilizing the {cert-manager-opera
 
 * You have installed version 1.14.0 or later of the {cert-manager-operator}.
 * You have enabled the `RouteExternalCertificate` feature gate.
-* You have the `create` and `update` permissions on the `routes/custom-host` sub-resource.
+* You have `create` permission on the `routes/custom-host` sub-resource, which is used for both creating and updating routes.
 * You have a `Service` resource that you want to expose.
 
 .Procedure
diff --git a/modules/nw-ingress-route-secret-load-external-cert.adoc b/modules/nw-ingress-route-secret-load-external-cert.adoc
index 2b39444ff29c..2f432cb4dc46 100644
--- a/modules/nw-ingress-route-secret-load-external-cert.adoc
+++ b/modules/nw-ingress-route-secret-load-external-cert.adoc
@@ -19,7 +19,7 @@ This feature applies to both edge routes and re-encrypt routes.
 .Prerequisites
 
 * You must enable the `RouteExternalCertificate` feature gate.
-* You must have the `create` and `update` permissions on the `routes/custom-host`.
+* You have `create` permission on the `routes/custom-host` sub-resource, which is used for both creating and updating routes.
 * You must have a secret containing a valid certificate/key pair in PEM-encoded format of type `kubernetes.io/tls`, which includes both `tls.key` and `tls.crt` keys.
 * You must place the referenced secret in the same namespace as the route you want to secure.