diff --git a/docs/enterprise/console-settings.yaml b/docs/enterprise/console-settings.yaml index 4b2bcc181..77d960d89 100644 --- a/docs/enterprise/console-settings.yaml +++ b/docs/enterprise/console-settings.yaml @@ -19,13 +19,9 @@ settings: - name: "Name" doc: This value is only visible in the Console UI. - name: "From" - dupe: true - name: "To" - dupe: true - name: "Redirect" - dupe: true - name: "Pass Identity Headers" - dupe: true - name: "Policies" doc: Add or remove Policies to be applied to the Route. Note that Policies enforced in the Route's Namespace will be applied automatically. - name: "Enable Google Cloud Serverless Authentication" @@ -34,15 +30,11 @@ settings: - name: "Matchers" settings: - name: Path - dupe: true - name: Prefix - dupe: true - name: Regex - dupe: true - name: "Rewrite" settings: - name: Prefix Rewrite" - dupe: true - name: "Timeouts" - name: "Headers" diff --git a/docs/enterprise/reference/configure.md b/docs/enterprise/reference/configure.md index ab7f28a0a..e7bb40a41 100644 --- a/docs/enterprise/reference/configure.md +++ b/docs/enterprise/reference/configure.md 
@@ -16,22 +16,80 @@ meta: ## Settings + ### Global + ### Cookies + ### Timeouts + ### GRPC + ### Tracing +Tracing tracks the progression of a single user request as it is handled by Pomerium. + +Each unit work is called a Span in a trace. Spans include metadata about the work, including the time spent in the step (latency), status, time events, attributes, links. You can use tracing to debug errors and latency issues in your applications, including in downstream connections. + +#### Shared Tracing Settings + +Config Key | Description | Required +:------------------ | :----------------------------------------------------------------------------------- | -------- +tracing_provider | The name of the tracing provider. (e.g. jaeger, zipkin) | ✅ +tracing_sample_rate | Percentage of requests to sample in decimal notation. Default is `0.0001`, or `.01%` | ❌ + +#### Datadog + +Datadog is a real-time monitoring system that supports distributed tracing and monitoring. + +Config Key | Description | Required +:---------------------- | :--------------------------------------------------------------------------- | -------- +tracing_datadog_address | `host:port` address of the Datadog Trace Agent. Defaults to `localhost:8126` | ❌ + +#### Jaeger (partial) + +**Warning** At this time, Jaeger protocol does not capture spans inside the proxy service. Please use Zipkin protocol with Jaeger for full support. + +[Jaeger](https://www.jaegertracing.io/) is a distributed tracing system released as open source by Uber Technologies. 
It is used for monitoring and troubleshooting microservices-based distributed systems, including: + +- Distributed context propagation +- Distributed transaction monitoring +- Root cause analysis +- Service dependency analysis +- Performance / latency optimization + +Config Key | Description | Required +:-------------------------------- | :------------------------------------------ | -------- +tracing_jaeger_collector_endpoint | Url to the Jaeger HTTP Thrift collector. | ✅ +tracing_jaeger_agent_endpoint | Send spans to jaeger-agent at this address. | ✅ + +#### Zipkin + +Zipkin is an open source distributed tracing system and protocol. + +Many tracing backends support zipkin either directly or through intermediary agents, including Jaeger. For full tracing support, we recommend using the Zipkin tracing protocol. + +Config Key | Description | Required +:---------------------- | :------------------------------- | -------- +tracing_zipkin_endpoint | Url to the Zipkin HTTP endpoint. | ✅ + +#### Example + +![jaeger example trace](./img/jaeger.png) + ### Authenticate + ### Authorize + ### Proxy + ## Service Accounts diff --git a/docs/enterprise/reference/manage.md b/docs/enterprise/reference/manage.md index ab9a404cc..9d89c02d5 100644 --- a/docs/enterprise/reference/manage.md +++ b/docs/enterprise/reference/manage.md @@ -18,12 +18,6 @@ A Route provides access to a service through Pomerium. The **General** tab defines the route path, both from the internet and to the internal service, and the policies attached. Note that policies enforced on a Namespace the Route resides in will also be applied. -Several fields in the New Route View behave the same as their counterpoints in open-source Pomerium. See [Configuation Settings](/reference/) for more information on the following fields: - - [From](/reference/#from) - - [To](/reference/#to) - - [Redirect](/reference/#redirect) - - [Pass Identity Headers](/reference/#pass-identity-headers) - #### Name 
@@ -110,6 +104,7 @@ Add or remove Policies to be applied to the Route. Note that Policies enforced i ### Matchers + #### Path If set, the route will only match incoming requests with a path that is an exact match for the specified path. @@ -124,12 +119,19 @@ If set, the route will only match incoming requests with a path that matches the ### Rewrite + +#### Prefix Rewrite" + + ### Timeouts + ### Headers + ### Load Balancer + ## Policies A Policy defines what permissions a set of users or groups has. Policies are applied to Namespaces or Routes to associate the set of permissions with a service or set of service, completing the authentication model. @@ -169,3 +171,17 @@ A policy can only support PPL or Rego. Once one is set, the other tab is disable ## Certificates +Certificates are the x509 _public-key_ and _private-key_ used to establish secure HTTP and gRPC connections. Any combination of the above can be used together, and are additive. You can also use any of these settings in conjunction with `Autocert` to get OCSP stapling. + +For example, if specifying multiple certificates at once: + +```yaml +certificates: + - cert: "$HOME/.acme.sh/authenticate.example.com_ecc/fullchain.cer" + key: "$HOME/.acme.sh/authenticate.example.com_ecc/authenticate.example.com.key" + - cert: "$HOME/.acme.sh/verify.example.com_ecc/fullchain.cer" + key: "$HOME/.acme.sh/verify.example.com_ecc/verify.example.com.key" + - cert: "$HOME/.acme.sh/prometheus.example.com_ecc/fullchain.cer" + key: "$HOME/.acme.sh/prometheus.example.com_ecc/prometheus.example.com.key" +``` + diff --git a/docs/enterprise/reference/reports.md b/docs/enterprise/reference/reports.md index 0ec6fda45..9312a5948 100644 --- a/docs/enterprise/reference/reports.md +++ b/docs/enterprise/reference/reports.md @@ -11,11 +11,16 @@ meta: ## Traffic + ## Runtime + ## Sessions + ## Events + ## Deployments + diff --git a/scripts/generate-console-pages.js b/scripts/generate-console-pages.js index 088632674..92e73933b 100755 
--- a/scripts/generate-console-pages.js +++ b/scripts/generate-console-pages.js @@ -120,7 +120,7 @@ const writeSubsection = (subsection, depth) => { if (!subsection.name) { return } - if (subsection.dupe) { + if (!subsection.doc) { subContent = fromOSSettings(subsection.name) + '\n' } let header = '#'.repeat(depth) + ' ' + subsection.name + '\n' + '\n'
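Review bot: In docs/enterprise/console-settings.yaml, the context line `- name: Prefix Rewrite"` under "Rewrite" has an unbalanced trailing double quote, and with `dupe: true` removed from that entry the name is the only key left on it. YAML accepts this as a plain scalar that includes the quote character, which is why manage.md in this same patch gains the heading `#### Prefix Rewrite"`. Change the entry to `- name: "Prefix Rewrite"`, matching the quoting of the sibling entries, and regenerate the pages.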
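Review bot: In the Tracing section added to docs/enterprise/reference/configure.md, the image link `![jaeger example trace](./img/jaeger.png)` is relative to docs/enterprise/reference/, and this patch adds no image under that directory, so please confirm the path resolves there or rewrite it when the text is copied in. In the same added text, "Each unit work is called a Span" is missing "of", and the Jaeger and Zipkin tables write "Url" where "URL" is meant. The Jaeger table also marks both `tracing_jaeger_collector_endpoint` and `tracing_jaeger_agent_endpoint` as required; is that intended, or is one of the two enough?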
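Review bot: In the text added under `## Certificates` in docs/enterprise/reference/manage.md, the sentence "Any combination of the above can be used together, and are additive" refers to settings that do not appear anywhere above it on this page, and "any of these settings" in the next sentence has the same problem. Either list the certificate settings the sentence is talking about before it, or reword the copied paragraph so it stands on its own here. The example keys also point at private key files via `$HOME/...`; a line saying whether that variable is expanded in this context, and that the key files should be readable only by the service account, would help readers who copy the block.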
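Review bot: In writeSubsection in scripts/generate-console-pages.js, the new condition `if (!subsection.doc)` sends every entry without a `doc` key through `fromOSSettings(subsection.name)` with no check that a matching open-source setting was found. The result is concatenated directly (`fromOSSettings(subsection.name) + '\n'`), so a missed lookup either writes the string "undefined" into the page or, as with `#### Prefix Rewrite"` in manage.md, leaves an empty section with nothing reported. Check the return value and log a warning that names the setting (or fail the build) when nothing is found, and consider keeping an explicit key so that an entry which is simply not documented yet can be told apart from one that is meant to be copied from the open-source reference.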