Does GitHub Pages Support HTTPS for www and @ subdomains?

Support for both an apex and subdomain cert would be appreciated.

e.g. if I had the following in the CNAME file I’d expect them to both be covered:

somedomain.org

www.somedomain.org

Only allowing one to be covered by the cert isn’t apparent when you set a site up.

Cheers.

1 Like

May I suggest modifying the feature request about supporting subdomains, to automatically creating wildcard certificates for custom domains, so ANY subdomain is supported (not just www):

*.custom-domain.tld

See https://en.wikipedia.org/wiki/Wildcard_certificate

5 Likes

Is there any news on this topic? Or at least a confirmation that one day github will protect “example.com” and “www.example.com” via ssl?

1 Like

Hi @adrai,

At this point, there is no news on this front. Keep an eye on the GitHub Changelog to be notified of new features.

Thanks!

I’m also a little disapointed this is not supported properly. 

3 Likes

I think I’ve managed to make this work by accident.

We had:

example.com in the github pages settings.

@ on example.com domain pointing to github web servers

www CNAME @

Status was

http:\example.com - works

https:\example.com - works, cert good

http:\www.example.com - works

https:\www.example.com - cert error

For an experiment, I went into the github pages settings and set the config to be www.example.com.

My experiment didn’t work, so I flipped it back.

But now https:\www.example.com works, and https:\example.com does too.  SSLLabs is happy with both certificates (which are from Let’s Encrypt).

It may be that flipping the setting to www caused a new certificate to be generated.  Time will tell whether this cert gets renewed at its 3 month expiry time, or whether github forgets about it.  Anyway, it seems to work for now.

4 Likes

I will be a +1 on that request.

Just bought a .dev domain and was planning on keep it on github as a cv page, but since it needs an SSL cert (.dev rules) now I can’t access it from the www subdomain. Not that I actively use it or share the url with it, but it’s good to have the option. Right now the visitor will receive a cert error.

I understand not generating * certs to avoid abuse, but a www is pretty default and should be generated together with the apex domain when the repository is configured to a apex, since it’s the same thing.

4 Likes

Any update on this? Having users meet Chrome’s “Your connection is not private” screen when they incude/exclude the www subdomain is a bit of a massive problem.

10 Likes

I’d also like to know if there’s any work being done to solve this. 

2 Likes

I don’t think that this will work, as GitHub uses LetsEncrypt. LEs wildcard certificates need the Acme v2 endpoint and this requires regular DNS (TXT) changes for renewing the wildcard certificate.

please allow both “www.mydomain.org” and “mydomain.org

The work-around is to set first “mydomain.org” and then after the certificate is issued, change it to “www.mydomain.org” in this way they will both work.

But they will not be both renewed.

Just fix this!

1 Like

I agree… wilcard certificate would be very nice… so I can set a domain *.mydomain.org which will all go to the same github page.

but still… even only www.mydomain.org and mydomain.org would be a nice option.

2 Likes

Any other update?

Work, thanks!
Lets see again in 3 months otherwise I have to do a toogle again :slight_smile:

Thank you for all the amazing work at GitHub!

We still need this feature badly :slight_smile:

1 Like

Same situation:

example.com” in the github pages settings.
“Enforce HTTPS” in the github pages settings.

http:\example.com - works
https:\example.com - works, cert good
http:\www.example.com - works
https:\www.example.com - cert error

I tried the workaround described by tmarkettos
Does not work in my case.
May be I did something wrong?
Entered “example.com” in the github pages settings. Waited a bit. Changed it back to example.com
tmarkettos – how long should I wait?

Anyway, Github team, pls fix it, it is clearly a bug. 

1 Like

Not a real solution, but using Google Domains for my .dev domain I created a “Synthetic Record” subdomain forward to send www to the apex domain as a temporary redirect, preserving the path and enabling SSL. At first it barked that it wouldn’t work because the certificate didn’t exist yet, but within a short time it worked.

Again inelegant, but at least prevents scary browser security messages.

6 Likes

I have the same issue, any news?

I’m just trying out github pages and have the same issue.

Maybe it’s best to just create separate repositories (github pages) with the same contents for www.example.com and example.com? I would just setup A records for both @ and www?

From https://help.github.com/en/articles/setting-up-an-apex-domain-and-www-subdomain:
“You must configure www subdomain and root domain redirects with your domain registrar.”

What does that mean?

And this doc states that it’s better to use www:
https://help.github.com/en/articles/about-supported-custom-domains#www-subdomains

So it’s better to redirect example.com to www.example.com? Though github.com doesn’t do this!

Any further news? I’d love to use gh-pages but I really want domain.com, www.domain.com and SSL for both.