diff --git a/ci/release_notes.md b/ci/release_notes.md
index c41e8c4..ebc66d2 100644
--- a/ci/release_notes.md
+++ b/ci/release_notes.md
@@ -15,4 +15,10 @@ some of the default flag values for `x509 issue`.
 # Improvements
 
 * Key usage strings provided on the command line are now case-insensitive.
-* `generate` was added as a command alias to `gen`.
\ No newline at end of file
+* `generate` was added as a command alias to `gen`.
+
+# Bug Fixes
+
+* Updated help for `target` not to say to use `-s=false`. go-cli apparently won't
+handle that syntax, and so it has been updated to suggest `--no-strongbox` for the
+same functionality.
\ No newline at end of file
diff --git a/main.go b/main.go
index 8ffe8d3..5d358a9 100644
--- a/main.go
+++ b/main.go
@@ -470,7 +470,7 @@ if provided, the following flags are valid:
 effect if the given URL uses an HTTPS scheme.
 
 -s (--strongbox) specifies that the targeted Vault has a strongbox deployed at
-its IP on port :8484. This is true by default. -s=false will cause commands
+its IP on port :8484. This is true by default. --no-strongbox will cause commands
 that would otherwise use strongbox to run against only the targeted Vault.
 
 -n (--namespace) specifies a Vault Enterprise namespace to run commands against
@@ -481,7 +481,7 @@ PEM-encoded certificate. The given certificate will be trusted as the signing
 certificate to the certificate served by the Vault server. This flag can be
 provided multiple times to provide multiple CA certificates.
 `,
-		Usage: "safe [-k] [-s] [-n] [--ca-cert] target [URL] [ALIAS] | safe target -i",
+		Usage: "safe [-k] [--[no]-strongbox] [-n] [--ca-cert] target [URL] [ALIAS] | safe target -i",
 		Type:  AdministrativeCommand,
 	}, func(command string, args ...string) error {
 		var cfg rc.Config