doc: merge knowledge base into guide

pages/_meta.json

@@ -6,9 +6,5 @@
     "guide": {
         "title": "User Guide",
         "type": "page"
-    },
-    "knowledge": {
-        "title": "Knowledge Base",
-        "type": "page"
     }
 }

pages/guide/_meta.json

@@ -1,6 +1,8 @@
 {
     "index": "Overview",
     "getting-started": "Getting Started",
+    "concepts": "Core Concepts",
     "certificates": "Certificate Operations",
-    "integrations": "Integrations"
+    "integrations": "Integrations",
+    "troubleshooting": "Troubleshooting"
 }

pages/guide/troubleshooting/browser-errors.mdx

@@ -0,0 +1,43 @@
+import { Callout, Cards, Card } from 'nextra/components'
+import { AlertTriangle, Globe, Calendar, XCircle, HelpCircle } from 'lucide-react'
+
+# Common Browser Errors
+
+When using internal certificates, browsers are very strict. Below are the most common error codes and how to resolve them.
+
+### `NET::ERR_CERT_AUTHORITY_INVALID`
+
+<Callout type="error" emoji={<AlertTriangle className="w-5 h-5" />}>
+  **The Logic:** The browser simply **does not know** the "TrustLab Root CA" that signed your website's certificate, so it assumes it's fake.
+</Callout>
+
+**Solution:**
+You have not installed the Root CA on your device yet.
+*   [**Install Root CA Guide**](/guide/getting-started/install-root-ca)
+
+---
+
+### `NET::ERR_CERT_COMMON_NAME_INVALID`
+
+<Callout type="warning" emoji={<Globe className="w-5 h-5" />}>
+  **The Logic:** You are visiting `app.local`, but the certificate was only issued for `api.local`. The names **do not match**.
+</Callout>
+
+**Solution:**
+The domain is missing from the certificate's **SANs (Subject Alternative Names)**.
+1.  Click the **"Not Secure"** icon > **Certificate**.
+2.  Check the **DNS Name** or SAN field.
+3.  If missing, you must **[Generate a New Certificate](/guide/certificates/request-new)** that includes the correct domain.
+
+---
+
+### `NET::ERR_CERT_DATE_INVALID`
+
+<Callout type="info" emoji={<Calendar className="w-5 h-5" />}>
+  **The Logic:** The certificate has expired, OR your computer's clock is set to the wrong date (past/future).
+</Callout>
+
+**Solution:**
+1.  Check your system clock first.
+2.  If the clock is correct, the certificate is truly expired.
+3.  **[Renew the Certificate](/guide/certificates/renewal)** immediately.

pages/knowledge/_meta.json

@@ -1,5 +0,0 @@
-{
-    "index": "Overview",
-    "fundamentals": "Fundamentals",
-    "troubleshooting": "Troubleshooting"
-}

pages/knowledge/index.mdx

@@ -1,7 +0,0 @@
-# Knowledge Base
-
-Understand the concepts behind Public Key Infrastructure (PKI) and find solutions to common problems.
-
-## Fundamentals
-
-- [What is PKI?](/knowledge/fundamentals/what-is-pki)

pages/knowledge/troubleshooting/browser-errors.mdx

@@ -1,32 +0,0 @@
-# Common Browser Errors
-
-When using internal certificates, browsers are very strict. Here are common error codes and what they mean.
-
-## NET::ERR_CERT_AUTHORITY_INVALID hiding
-
-**Cause:**
-The browser does not recognize the Root CA that issued the certificate.
-
-**Solution:**
-You have not installed the TrustLab Root CA on your device.
--> [Go to Installation Guide](/guide/getting-started/install-root-ca)
-
-## NET::ERR_CERT_COMMON_NAME_INVALID
-
-**Cause:**
-The domain name you are visiting (e.g., `app.local`) does not match the names listed in the certificate.
-
-**Solution:**
-Check the **SANs (Subject Alternative Names)** of the certificate.
-1. Click the "Not Secure" icon in the address bar.
-2. View Certificate.
-3. Check "DNS Names". If the domain is missing, you must **Re-issue** the certificate.
-
-## NET::ERR_CERT_DATE_INVALID
-
-**Cause:**
-The certificate has expired or the system clock is wrong.
-
-**Solution:**
-1. Check your computer's date and time.
-2. If time is correct, the certificate is expired. [Renew the certificate](/guide/certificates/renewal).