docs: add internal CA sandbox troubleshooting

[dvdksn]

Summary

Add troubleshooting guidance for Docker Sandboxes users whose internal HTTPS inspection proxy requires a custom CA certificate inside the sandbox. The section covers repeatable setup with a sandbox kit, one-off setup for existing sandboxes, Node.js CA configuration, and policy log diagnostics.

Generated by Codex

[netlify]

✅ Deploy Preview for docsdocker ready!

Name	Link
🔨 Latest commit	d5c2dd6
🔍 Latest deploy log	https://app.netlify.com/projects/docsdocker/deploys/6a183cda5f06fb000856272d
😎 Deploy Preview	https://deploy-preview-25198--docsdocker.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify project configuration.

[docker-agent]

Assessment: 🟢 APPROVE

The new "API calls fail with a certificate error" troubleshooting section is well-structured and technically clear. Commands use correct console language hints, YAML blocks are properly formatted, and the instructions are actionable and accurate.

No hedge words, bold misuse, marketing language, missing front matter, or broken shortcodes were found. The addition matches the existing document's scope and character.

[docker-agent]

Assessment: 🟢 APPROVE

The added troubleshooting guidance for internal CA certificates is well-written and accurate. Both new sections follow Docker's documentation style guide: no AI-isms, correct command formatting, appropriate bold usage consistent with existing patterns, and accurate technical content (the kit file path mapping is correct). The content is appropriately scoped and no redirects are needed (new sections added to existing pages only).

[robmry]

They need to get the cert to /home/agent/internal-ca.crt in the sandbox first?

[robmry]

I don't think this is needed if the cert is installed into the main bundle (by update-ca-certificates), and unless it appends to the variable (?) it might break things.