refactor(i18n): strict enforce en.mdx and meta.en.json separation

pages/guide/certificates/renewal.en.mdx

@@ -0,0 +1,29 @@
+# Renewal Process
+
+Certificates expire to ensure security rotation. TrustLab simplifies the renewal process so you don't experience downtime.
+
+## When to Renew
+You will receive an email notification:
+- **30 days** before expiration.
+- **7 days** before expiration.
+- **1 day** before expiration.
+
+## How to Renew (Manual Re-issue)
+
+To renew a certificate, you simply generate a fresh one with the same domain name.
+
+1.  Go to **Certificates** and click **"Generate New"**.
+2.  **Identity**: Enter the **same Common Name (CN)** as your expiring certificate.
+3.  **Generate**: The system will issue a new certificate with a fresh validity period.
+4.  **Replace**: Download the new `.crt` (and `.key` if you didn't reuse the CSI) and replace the files on your server.
+
+> [!NOTE]
+> The old certificate will remain valid until it expires naturally. You can safely delete it after verifying the new one works.
+
+## What Happens Next?
+- A **new certificate** is generated with a new validity period.
+- The **Private Key** remains the same (if "Reuse Key" was selected) OR a new key is generated (recommended).
+- The old certificate remains valid until its original expiration date (unless revoked).
+
+> [!IMPORTANT]
+> You must **download and install the new certificate** on your server. Renewal **does not** happen automatically on the server side unless you use our ACME integration.