--- docs/tomcat-8.0-doc/config/http.html	(revision 1669818)
+++ docs/tomcat-8.0-doc/config/http.html	(working copy)
@@ -951,8 +951,12 @@ 
       certificates. If not defined, client certificates will not be checked
       against a certificate revocation list.</p>
     </td></tr><tr><td><code class="attributeName">keyAlias</code></td><td>
-      <p>The alias used to for the server certificate in the keystore. If not
-      specified the first key read in the keystore will be used.</p>
+      <p>The alias associated with the server certificate in the keystore. If not
+      specified the first certificate read will be used.  This is not 
+      necessarily the first certificate listed when viewing the keystore, but
+      the first certificate read.  </p>
+      <p>Note:  If you have more than one certificate in your keystore it is
+      recommended to specify the keyAlias value.</p>
     </td></tr><tr><td><code class="attributeName">keyPass</code></td><td>
       <p>The password used to access the server certificate from the
       specified keystore file.  The default value is "<code>changeit</code>".