diff --git a/datacenter/dtr/2.3/reference/cli/destroy.md b/datacenter/dtr/2.3/reference/cli/destroy.md
index 3a4dd8d498..aa5ee1cdd4 100644
--- a/datacenter/dtr/2.3/reference/cli/destroy.md
+++ b/datacenter/dtr/2.3/reference/cli/destroy.md
@@ -33,8 +33,8 @@ Use the 'remove' command to gracefully scale down your DTR cluster.
 | `--ucp-password` | $UCP_PASSWORD | The UCP administrator password. |
 | `--debug` | $DEBUG | Enable debug mode for additional logs. |
 | `--help-extended` | $DTR_EXTENDED_HELP | Display extended help text for a given command. |
-| `--ucp-insecure-tls` | $UCP_INSECURE_TLS | Disable TLS verification for UCP.The installation uses TLS but always trusts  the TLS certificate used by UCP, which can lead to man-in-the-middle attacks.  For production deployments, use --ucp-ca "$(cat ca.pem)" instead. |
-| `--ucp-ca` | $UCP_CA | Use a PEM-encoded TLS CA certificate for UCP.Download the UCP TLS CA certificate from https://<ucp-url>/ca, and  use --ucp-ca "$(cat ca.pem)". |
+| `--ucp-insecure-tls` | $UCP_INSECURE_TLS | Disable TLS verification for UCP. The installation uses TLS but always trusts the TLS certificate used by UCP, which can lead to man-in-the-middle attacks. For production deployments, use --ucp-ca "$(cat ca.pem)" instead. |
+| `--ucp-ca` | $UCP_CA | Use a PEM-encoded TLS CA certificate for UCP. Download the UCP TLS CA certificate from https://<ucp-url>/ca, and  use --ucp-ca "$(cat ca.pem)". |
 | `--enzi-insecure-tls` | $ENZI_TLS_INSECURE | Disable TLS verification for Enzi. |
 | `--enzi-ca` | $ENZI_TLS_CA | Use a PEM-encoded TLS CA certificate for Enzi. |