Certificate error

This is a noob problem, but anyway:

Whenever I try to access my github page site, I get a certificate error:

The server blog.teratomaquia.com.br uses an invalid security certificate. The certificate is only valid for the following names: www.github.com, *.github.com, github.com, *.github.io, github.io, *.githubusercontent.com, githubusercontent.com Error code: SSL_ERROR_BAD_CERT_DOMAIN

I’ve setup everything correctly, as far as I know.

3 Likes

Github pages available via https only if you use *.guthub.com  domain. If you will take a look at repository settings:

and yes, Chrome show warnings about certificate:

I used the hack which explained here: but then you will need a free account at CloudFlare and update your DNS records.

1 Like

I also ran into this problem yesterday, when running a tool that does not use http unless an https request first fails to connect. I was surprised to find that disabling “Enforce HTTPS” didn’t actually disable https, and that Pages would still try to send a github certificate. It doesn’t seem that there’s anything a user can do if they don’t need or want https for their site, which seems like a bug.

Hi all! Great questions and conversation here. I have some more info that I think will help.

We respond over both HTTP and HTTPS for all sites. Some users put proxies, like Cloudflare, in front of their site, but this means we can’t downgrade from HTTPS to HTTP. This is because HTTPS might work, but we don’t know that at our end. If a user (or tool) explicitly requests HTTPS, we’ll serve it with whatever cert we have, but only if the user requests it.

Enforcement is specifically about redirecting HTTP to HTTPS. When not enabled, we don’t redirect, but still serve HTTPS.

Having said all that, this particular issue isn’t really a bug, because to us, the visitor is explicitly asking for HTTPS.

As mentioned above, if you’re unable to hard-code HTTP, adding Cloudflare in front of your site can allow you to support HTTPS.

HTTPS for custom domains is one of our most frequent features requests, and I can tell you that it’s something we’re working on (though I can’t specify a timeline for that).

I hope this helps!

8 Likes

Thanks for explaining!

1 Like

Even though I haven’t add Cloudfare or didn’t request for https. The custom github page redirects to a https page ( with certificate error). Any help on that?

Hi @sin9yt,

This sounds like something that we might have to get more private account information for in order to troubleshoot. I’d recommend reaching out to our private support at https://github.com/contact to look into that issue.

1 Like

The best solution I have found to this is to add the CAA record in this way:

your.domain 120 IN CAA 1 issue “letsencrypt.org

www.your.domain 120 IN CAA 1 issue “letsencrypt.org

with a 1 and not a 0 (I can’t remember why)

On cloudflare, to do so you must export modify the 0 in 1 and import back in cludflare for this to work.

2 Likes

It seems github pages now has https support more widely (as the warning has been removed from the enforce https option). Is this true? How do we ensure that https is used?