diff --git a/model/opensearch.smithy b/model/opensearch.smithy
index 446679fd..b9828958 100644
--- a/model/opensearch.smithy
+++ b/model/opensearch.smithy
@@ -123,6 +123,7 @@ service OpenSearch {
         Get,
         GetAccountDetails,
         GetAllPits,
+        GetCertificates,
         GetScript,
         GetScriptContext,
         GetScriptLanguages,
@@ -298,6 +299,8 @@ service OpenSearch {
         RankEval_Post_WithIndex,
         Reindex,
         ReindexRethrottle,
+        ReloadHttpCertificates,
+        ReloadTransportCertificates,
         RemoteStoreRestore,
         RenderSearchTemplate_Get,
         RenderSearchTemplate_Get_WithId,
diff --git a/model/security/certificate.smithy b/model/security/certificate.smithy
new file mode 100644
index 00000000..c6077a96
--- /dev/null
+++ b/model/security/certificate.smithy
@@ -0,0 +1,20 @@
+// SPDX-License-Identifier: Apache-2.0
+//
+//  The OpenSearch Contributors require contributions made to
+//  this file be licensed under the Apache-2.0 license or a
+//  compatible open source license.
+
+$version: "2"
+namespace OpenSearch
+
+list CertificatesList {
+    member: CertificatesDetail
+}
+
+structure CertificatesDetail {
+    issuer_dn: String,
+    subject_dn: String,
+    san: String,
+    not_before: String,
+    not_after: String
+}
diff --git a/model/security/get_certificates/operations.smithy b/model/security/get_certificates/operations.smithy
new file mode 100644
index 00000000..dbd97980
--- /dev/null
+++ b/model/security/get_certificates/operations.smithy
@@ -0,0 +1,26 @@
+// SPDX-License-Identifier: Apache-2.0
+//
+//  The OpenSearch Contributors require contributions made to
+//  this file be licensed under the Apache-2.0 license or a
+//  compatible open source license.
+
+$version: "2"
+namespace OpenSearch
+use opensearch.openapi#vendorExtensions
+
+@externalDocumentation(
+    "API Reference": "https://opensearch.org/docs/latest/security/access-control/api/#get-certificates"
+)
+
+@vendorExtensions(
+    "x-operation-group": "security.get_certificates",
+    "x-version-added": "1.0",
+)
+@idempotent
+@suppress(["HttpUriConflict"])
+@http(method: "GET", uri: "/_plugins/_security/api/ssl/certs")
+@documentation("Returns the cluster’s security certificates.")
+operation GetCertificates {
+    input: GetCertificates_Input,
+    output: GetCertificates_Output
+}
diff --git a/model/security/get_certificates/structures.smithy b/model/security/get_certificates/structures.smithy
new file mode 100644
index 00000000..b8c09add
--- /dev/null
+++ b/model/security/get_certificates/structures.smithy
@@ -0,0 +1,17 @@
+// SPDX-License-Identifier: Apache-2.0
+//
+//  The OpenSearch Contributors require contributions made to
+//  this file be licensed under the Apache-2.0 license or a
+//  compatible open source license.
+
+$version: "2"
+namespace OpenSearch
+
+@input
+structure GetCertificates_Input {}
+
+@output
+structure GetCertificates_Output {
+    http_certificates_list: CertificatesList,
+    transport_certificates_list: CertificatesList
+}
diff --git a/model/security/reload_http_certificates/operations.smithy b/model/security/reload_http_certificates/operations.smithy
new file mode 100644
index 00000000..10d69778
--- /dev/null
+++ b/model/security/reload_http_certificates/operations.smithy
@@ -0,0 +1,26 @@
+//  SPDX-License-Identifier: Apache-2.0
+//
+//  The OpenSearch Contributors require contributions made to
+//  this file be licensed under the Apache-2.0 license or a
+//  compatible open source license.
+
+$version: "2"
+namespace OpenSearch
+use opensearch.openapi#vendorExtensions
+
+@externalDocumentation(
+    "API Reference": "https://opensearch.org/docs/latest/security/access-control/api/#reload-certificates"
+)
+
+@vendorExtensions(
+    "x-operation-group": "security.reload_http_certificates",
+    "x-version-added": "1.0",
+)
+@readonly
+@suppress(["HttpUriConflict", "HttpMethodSemantics.UnexpectedPayload"])
+@http(method: "PUT", uri: "/_opendistro/_security/api/ssl/http/reloadcerts")
+@documentation("Reloads SSL certificates that are about to expire without restarting the OpenSearch node.")
+operation ReloadHttpCertificates {
+    input: ReloadHttpCertificates_Input,
+    output: ReloadHttpCertificates_Output
+}
diff --git a/model/security/reload_http_certificates/structures.smithy b/model/security/reload_http_certificates/structures.smithy
new file mode 100644
index 00000000..64e68849
--- /dev/null
+++ b/model/security/reload_http_certificates/structures.smithy
@@ -0,0 +1,16 @@
+//  SPDX-License-Identifier: Apache-2.0
+//
+//  The OpenSearch Contributors require contributions made to
+//  this file be licensed under the Apache-2.0 license or a
+//  compatible open source license.
+
+$version: "2"
+namespace OpenSearch
+
+@input
+structure ReloadHttpCertificates_Input {}
+
+@output
+structure ReloadHttpCertificates_Output {
+    message: Message
+}
diff --git a/model/security/reload_transport_certificates/operations.smithy b/model/security/reload_transport_certificates/operations.smithy
new file mode 100644
index 00000000..c6312d30
--- /dev/null
+++ b/model/security/reload_transport_certificates/operations.smithy
@@ -0,0 +1,26 @@
+//  SPDX-License-Identifier: Apache-2.0
+//
+//  The OpenSearch Contributors require contributions made to
+//  this file be licensed under the Apache-2.0 license or a
+//  compatible open source license.
+
+$version: "2"
+namespace OpenSearch
+use opensearch.openapi#vendorExtensions
+
+@externalDocumentation(
+    "API Reference": "https://opensearch.org/docs/latest/security/access-control/api/#reload-certificates"
+)
+
+@vendorExtensions(
+    "x-operation-group": "security.reload_transport_certificates",
+    "x-version-added": "1.0",
+)
+@readonly
+@suppress(["HttpUriConflict"])
+@http(method: "PUT", uri: "/_opendistro/_security/api/ssl/transport/reloadcerts")
+@documentation("Reloads SSL certificates that are about to expire without restarting the OpenSearch node.")
+operation ReloadTransportCertificates {
+    input: ReloadTransportCertificates_Input,
+    output: ReloadTransportCertificates_Output
+}
diff --git a/model/security/reload_transport_certificates/structures.smithy b/model/security/reload_transport_certificates/structures.smithy
new file mode 100644
index 00000000..acc2c21b
--- /dev/null
+++ b/model/security/reload_transport_certificates/structures.smithy
@@ -0,0 +1,16 @@
+//  SPDX-License-Identifier: Apache-2.0
+//
+//  The OpenSearch Contributors require contributions made to
+//  this file be licensed under the Apache-2.0 license or a
+//  compatible open source license.
+
+$version: "2"
+namespace OpenSearch
+
+@input
+structure ReloadTransportCertificates_Input {}
+
+@output
+structure ReloadTransportCertificates_Output {
+    message: Message
+}