diff --git a/x-pack/plugins/actions/server/index.test.ts b/x-pack/plugins/actions/server/index.test.ts
new file mode 100644
index 0000000000000..9021879fa38aa
--- /dev/null
+++ b/x-pack/plugins/actions/server/index.test.ts
@@ -0,0 +1,61 @@
+/*
+ * Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
+ * or more contributor license agreements. Licensed under the Elastic License
+ * 2.0; you may not use this file except in compliance with the Elastic License
+ * 2.0.
+ */
+import { config } from './index';
+import { applyDeprecations, configDeprecationFactory } from '@kbn/config';
+import { configDeprecationsMock } from 'src/core/server/mocks';
+
+const CONFIG_PATH = 'xpack.actions';
+const applyStackAlertDeprecations = (settings: Record<string, unknown> = {}) => {
+  const deprecations = config.deprecations!(configDeprecationFactory);
+  const deprecationMessages: string[] = [];
+  const _config = {
+    [CONFIG_PATH]: settings,
+  };
+  const { config: migrated, changedPaths } = applyDeprecations(
+    _config,
+    deprecations.map((deprecation) => ({
+      deprecation,
+      path: CONFIG_PATH,
+      context: configDeprecationsMock.createContext(),
+    })),
+    () =>
+      ({ message }) =>
+        deprecationMessages.push(message)
+  );
+  return {
+    messages: deprecationMessages,
+    migrated,
+    changedPaths,
+  };
+};
+
+describe('index', () => {
+  describe('deprecations', () => {
+    it('should properly unset deprecated configs', () => {
+      const { messages, changedPaths } = applyStackAlertDeprecations({
+        customHostSettings: [{ ssl: { rejectUnauthorized: false } }],
+        rejectUnauthorized: false,
+        proxyRejectUnauthorizedCertificates: false,
+      });
+      expect(changedPaths.unset).toStrictEqual([
+        'xpack.actions.customHostSettings.ssl.rejectUnauthorized',
+        'xpack.actions.rejectUnauthorized',
+        'xpack.actions.proxyRejectUnauthorizedCertificates',
+      ]);
+      expect(messages.length).toBe(3);
+      expect(messages[0]).toBe(
+        '"xpack.actions.customHostSettings[<index>].ssl.rejectUnauthorized" is deprecated.Use "xpack.actions.customHostSettings[<index>].ssl.verificationMode" instead, with the setting "verificationMode:full" eql to "rejectUnauthorized:true", and "verificationMode:none" eql to "rejectUnauthorized:false".'
+      );
+      expect(messages[1]).toBe(
+        '"xpack.actions.rejectUnauthorized" is deprecated. Use "xpack.actions.verificationMode" instead, with the setting "verificationMode:full" eql to "rejectUnauthorized:true", and "verificationMode:none" eql to "rejectUnauthorized:false".'
+      );
+      expect(messages[2]).toBe(
+        '"xpack.actions.proxyRejectUnauthorizedCertificates" is deprecated. Use "xpack.actions.proxyVerificationMode" instead, with the setting "proxyVerificationMode:full" eql to "rejectUnauthorized:true",and "proxyVerificationMode:none" eql to "rejectUnauthorized:false".'
+      );
+    });
+  });
+});
diff --git a/x-pack/plugins/actions/server/index.ts b/x-pack/plugins/actions/server/index.ts
index bfddd22003978..f012ec83c2dfb 100644
--- a/x-pack/plugins/actions/server/index.ts
+++ b/x-pack/plugins/actions/server/index.ts
@@ -64,7 +64,8 @@ export const config: PluginConfigDescriptor<ActionsConfig> = {
       if (
         customHostSettings.find(
           (customHostSchema: CustomHostSettings) =>
-            !!customHostSchema.ssl && !!customHostSchema.ssl.rejectUnauthorized
+            customHostSchema.hasOwnProperty('ssl') &&
+            customHostSchema.ssl?.hasOwnProperty('rejectUnauthorized')
         )
       ) {
         addDeprecation({
@@ -82,11 +83,18 @@ export const config: PluginConfigDescriptor<ActionsConfig> = {
             ],
           },
         });
+        return {
+          unset: [
+            {
+              path: `xpack.actions.customHostSettings.ssl.rejectUnauthorized`,
+            },
+          ],
+        };
       }
     },
     (settings, fromPath, addDeprecation) => {
       const actions = get(settings, fromPath);
-      if (!!actions?.rejectUnauthorized) {
+      if (actions?.hasOwnProperty('rejectUnauthorized')) {
         addDeprecation({
           message:
             `"xpack.actions.rejectUnauthorized" is deprecated. Use "xpack.actions.verificationMode" instead, ` +
@@ -101,11 +109,18 @@ export const config: PluginConfigDescriptor<ActionsConfig> = {
             ],
           },
         });
+        return {
+          unset: [
+            {
+              path: `xpack.actions.rejectUnauthorized`,
+            },
+          ],
+        };
       }
     },
     (settings, fromPath, addDeprecation) => {
       const actions = get(settings, fromPath);
-      if (!!actions?.proxyRejectUnauthorizedCertificates) {
+      if (actions?.hasOwnProperty('proxyRejectUnauthorizedCertificates')) {
         addDeprecation({
           message:
             `"xpack.actions.proxyRejectUnauthorizedCertificates" is deprecated. Use "xpack.actions.proxyVerificationMode" instead, ` +
@@ -120,6 +135,13 @@ export const config: PluginConfigDescriptor<ActionsConfig> = {
             ],
           },
         });
+        return {
+          unset: [
+            {
+              path: `xpack.actions.proxyRejectUnauthorizedCertificates`,
+            },
+          ],
+        };
       }
     },
   ],
diff --git a/x-pack/plugins/task_manager/server/index.ts b/x-pack/plugins/task_manager/server/index.ts
index 611fa40591c4d..7667a18fcef54 100644
--- a/x-pack/plugins/task_manager/server/index.ts
+++ b/x-pack/plugins/task_manager/server/index.ts
@@ -41,6 +41,9 @@ export type {
 
 export const config: PluginConfigDescriptor<TaskManagerConfig> = {
   schema: configSchema,
+  exposeToUsage: {
+    max_workers: true,
+  },
   deprecations: () => [
     (settings, fromPath, addDeprecation) => {
       const taskManager = get(settings, fromPath);