This is a noob problem, but anyway:
Whenever I try to access my github page site, I get a certificate error:
The server blog.teratomaquia.com.br uses an invalid security certificate. The certificate is only valid for the following names: www.github.com, *.github.com, github.com, *.github.io, github.io, *.githubusercontent.com, githubusercontent.com Error code: SSL_ERROR_BAD_CERT_DOMAIN
I've setup everything correctly, as far as I know.
Github pages available via https only if you use *.guthub.com domain. If you will take a look at repository settings:
and yes, Chrome show warnings about certificate:
I used the hack which explained here: but then you will need a free account at CloudFlare and update your DNS records.
I also ran into this problem yesterday, when running a tool that does not use http unless an https request first fails to connect. I was surprised to find that disabling "Enforce HTTPS" didn't actually disable https, and that Pages would still try to send a github certificate. It doesn't seem that there's anything a user can do if they don't need or want https for their site, which seems like a bug.
Hi all! Great questions and conversation here. I have some more info that I think will help.
We respond over both HTTP and HTTPS for all sites. Some users put proxies, like Cloudflare, in front of their site, but this means we can't downgrade from HTTPS to HTTP. This is because HTTPS might work, but we don't know that at our end. If a user (or tool) explicitly requests HTTPS, we'll serve it with whatever cert we have, but only if the user requests it.
Enforcement is specifically about redirecting HTTP to HTTPS. When not enabled, we don't redirect, but still serve HTTPS.
Having said all that, this particular issue isn't really a bug, because to us, the visitor is explicitly asking for HTTPS.
As mentioned above, if you're unable to hard-code HTTP, adding Cloudflare in front of your site can allow you to support HTTPS.
HTTPS for custom domains is one of our most frequent features requests, and I can tell you that it's something we're working on (though I can't specify a timeline for that).
I hope this helps!