diff --git a/provision.sh b/provision.sh
index c99f28380f44dee51d97544ee7caab1423845f68..c02abe114cf7965c9e9ac5c11bd71081bf4d7515 100644
--- a/provision.sh
+++ b/provision.sh
@@ -100,7 +100,7 @@ echo "(3) - OCSP Stapling not enabled."
 echo "      depend on CA https://www.digicert.com/ssl-support/apache-enable-ocsp-stapling-on-server.htm"
 
 # STEP 7 - enhance apache secuirty configuration
-echo "Trying to resole (2) - HTTP Strict Transport Security not set"
+echo "Trying to resolve (2) - HTTP Strict Transport Security not set"
 echo "see https://cipherli.st/ force ssl configuration good practices"
 echo "see https://raymii.org/s/tutorials/Strong_SSL_Security_On_Apache2.html"
 echo 'SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH' | sudo tee --append /etc/apache2/apache2.conf
@@ -144,7 +144,7 @@ echo "restart apache to take modifcations"
 sudo apache2ctl restart
 
 # STEP 8 - signed cert and import certificate authority
-echo "enhance our hey and cert"
+echo "enhance our key and cert"
 echo "see https://blog.didierstevens.com/2008/12/30/howto-make-your-own-cert-with-openssl/"
 
 echo "generate 4096-bit long RSA key for our root CA  (rootca.key)"