docs: expand README documentation table and fix orphaned doc links

- README: Add 7 missing docs to documentation table (MCP server, OpenAPI
  guide, migration guides for certbot/acme.sh/cert-manager, test
  environment, testing guide). Fix connector reference description to
  remove stale counts. Link OpenAPI guide instead of raw YAML.
- architecture.md: Add cross-references to testing-guide.md and
  test-env.md from testing strategy section and What's Next links.
  These were the only two orphaned docs with zero inbound references.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>

README.md

@@ -224,9 +224,15 @@ Each directory contains a `docker-compose.yml` and a `README.md` explaining the
 | [Advanced Demo](docs/demo-advanced.md) | Issue a certificate end-to-end with technical deep-dives |
 | [Architecture](docs/architecture.md) | System design, data flow diagrams, security model |
 | [Feature Inventory](docs/features.md) | Complete reference of all V2 capabilities, API endpoints, and configuration |
-| [Connector Reference](docs/connectors.md) | Configuration for all 7 issuers, 10 targets, and 5 notifier connectors |
+| [Connector Reference](docs/connectors.md) | Configuration for all issuer, target, and notifier connectors |
+| [MCP Server](docs/mcp.md) | AI integration via Model Context Protocol — setup, available tools, examples |
+| [OpenAPI 3.1 Spec](docs/openapi.md) | API reference guide with endpoint overview ([raw spec](api/openapi.yaml)) |
 | [Compliance Mapping](docs/compliance.md) | SOC 2 Type II, PCI-DSS 4.0, NIST SP 800-57 alignment guides |
-| [OpenAPI 3.1 Spec](api/openapi.yaml) | Full request/response schemas for all operations |
+| [Migrate from certbot](docs/migrate-from-certbot.md) | Step-by-step migration from certbot cron jobs to certctl |
+| [Migrate from acme.sh](docs/migrate-from-acmesh.md) | Migration guide for acme.sh users, DNS hook compatibility |
+| [certctl for cert-manager users](docs/certctl-for-cert-manager-users.md) | How certctl complements cert-manager for mixed infrastructure |
+| [Test Environment](docs/test-env.md) | Docker Compose test environment with real CA backends |
+| [Testing Guide](docs/testing-guide.md) | Comprehensive test procedures, smoke tests, and release sign-off checklist |
 
 ## CLI
 

docs/architecture.md

@@ -986,6 +986,8 @@ certctl is extensively tested across eight layers with CI-enforced coverage gate
 
 **CI pipeline** (`.github/workflows/ci.yml`) — Two parallel jobs. Go: build, vet, `go test -race`, `golangci-lint` (11 linters), `govulncheck`, test with coverage, per-layer coverage threshold enforcement (service 60%, handler 60%, domain 40%, middleware 50%). Frontend: TypeScript type check, Vitest, Vite production build.
 
+For detailed test procedures, smoke tests, and the release sign-off checklist, see the [Testing Guide](testing-guide.md). For setting up the Docker Compose test environment with real CA backends, see [Test Environment](test-env.md).
+
 ## What's Next
 
 - [Quick Start](quickstart.md) — Get certctl running locally
@@ -994,3 +996,5 @@ certctl is extensively tested across eight layers with CI-enforced coverage gate
 - [Compliance Mapping](compliance.md) — SOC 2, PCI-DSS 4.0, and NIST SP 800-57 alignment
 - [MCP Server Guide](mcp.md) — AI-native access to the API
 - [OpenAPI Spec](openapi.md) — Full API reference and SDK generation
+- [Testing Guide](testing-guide.md) — Test procedures and release sign-off
+- [Test Environment](test-env.md) — Docker Compose test environment setup