feat: initial commit of trustlab-docs

2026-01-26 13:32:08 +07:00 · 2026-01-08 15:03:32 +07:00
commit 6c5b0c53ae
31 changed files with 8109 additions and 0 deletions
--- a/pages/knowledge/_meta.json
+++ b/pages/knowledge/_meta.json
@@ -0,0 +1,5 @@
+{
+    "index": "Overview",
+    "fundamentals": "Fundamentals",
+    "troubleshooting": "Troubleshooting"
+}
--- a/pages/knowledge/fundamentals/_meta.json
+++ b/pages/knowledge/fundamentals/_meta.json
@@ -0,0 +1,4 @@
+{
+    "pki-intro": "What is PKI?",
+    "cert-types": "Certificate Types"
+}
--- a/pages/knowledge/fundamentals/pki-intro.mdx
+++ b/pages/knowledge/fundamentals/pki-intro.mdx
@@ -0,0 +1,26 @@
+# What is PKI?
+
+**Public Key Infrastructure (PKI)** is a set of roles, policies, hardware, software, and procedures needed to create, manage, distribute, store, and revoke digital certificates.
+
+## Core Concepts
+
+### 1. Asymmetric Encryption
+PKI relies on a pair of keys:
+- **Public Key**: Shared with everyone. Used to encrypt data.
+- **Private Key**: Kept secret. Used to decrypt data and *sign* digital assets.
+
+### 2. The Chain of Trust
+A certificate is only trusted if it is signed by a trusted issuer.
+- **Root CA**: The anchor of trust. It signs itself (Self-Signed). You explicitly trust this on your device.
+- **Intermediate CA**: Signed by Root CA. Used to sign End-Entity certificates for security.
+- **End-Entity (Leaf)**: The certificate used on your Web Server or Email.
+
+TrustLab manages this entire chain for your internal organization.
+
+### 3. Why Internal PKI?
+Using Public CAs (like Let's Encrypt) is great for public websites, but incompatible with:
+- **Intranet IPs** (e.g., `10.0.0.1`).
+- **Internal Domains** (e.g., `.local`, `.corp`).
+- **VPN Services**.
+
+TrustLab fills this gap by acting as your private authority.
--- a/pages/knowledge/index.mdx
+++ b/pages/knowledge/index.mdx
@@ -0,0 +1,7 @@
+# Knowledge Base
+
+Understand the concepts behind Public Key Infrastructure (PKI) and find solutions to common problems.
+
+## Fundamentals
+
+- [What is PKI?](/knowledge/fundamentals/what-is-pki)
--- a/pages/knowledge/troubleshooting/_meta.json
+++ b/pages/knowledge/troubleshooting/_meta.json
@@ -0,0 +1,4 @@
+{
+    "browser-errors": "NET::ERR_CERT Errors",
+    "missing-root": "System Doesn't Trust CA"
+}
--- a/pages/knowledge/troubleshooting/browser-errors.mdx
+++ b/pages/knowledge/troubleshooting/browser-errors.mdx
@@ -0,0 +1,32 @@
+# Common Browser Errors
+
+When using internal certificates, browsers are very strict. Here are common error codes and what they mean.
+
+## NET::ERR_CERT_AUTHORITY_INVALID hiding
+
+**Cause:**
+The browser does not recognize the Root CA that issued the certificate.
+
+**Solution:**
+You have not installed the TrustLab Root CA on your device.
+-> [Go to Installation Guide](/guide/getting-started/install-root-ca)
+
+## NET::ERR_CERT_COMMON_NAME_INVALID
+
+**Cause:**
+The domain name you are visiting (e.g., `app.local`) does not match the names listed in the certificate.
+
+**Solution:**
+Check the **SANs (Subject Alternative Names)** of the certificate.
+1. Click the "Not Secure" icon in the address bar.
+2. View Certificate.
+3. Check "DNS Names". If the domain is missing, you must **Re-issue** the certificate.
+
+## NET::ERR_CERT_DATE_INVALID
+
+**Cause:**
+The certificate has expired or the system clock is wrong.
+
+**Solution:**
+1. Check your computer's date and time.
+2. If time is correct, the certificate is expired. [Renew the certificate](/guide/certificates/renewal).