How not to move your blog to GitHub pages using a custom domain and SSL
May 15, 2018
I was excited to see the recent tweet from GitHub just a couple of weeks ago, announcing:
“Today, custom domains on GitHub Pages are gaining support for HTTPS via @letsencrypt. It’s another step towards making the web more secure for everyone.”
After reviewing the docs I decided to move this blog and a couple other small sites over from my Google Cloud account and host them on GitHub pages since I was already using Jekyll.
It has not gone smoothly.
After some help from the GitHub support team I have managed to get the domains working with SSL without any subdomain (e.g. https://andygrove.io works). However, it turns out that GitHub Pages does not support also having a www sudomain active at the same time, which wasn’t at all clear from the docs. Although you can set up a CNAME redirect from the www subdomain to the apex domain, the user than gets an SSL certificate error when arriving at the site.
I have had this confirmed by email from the support team:
“I’m afraid we don’t currently support generating certificates that cover both an apex domain and www subdomain. Instead, we only generate a certificate for the exact domain format specified in your repository settings.”
This is disappointing especially since any existing links out there for the www subdomain are now broken and result in an SSL cerfificate error page in the browser. I would not have moved the sites if I had known this in advance.
Hopefully GitHub will improve their docs around this to make it clearer that this is not supported.
Want to learn more about query engines? Check out my book "How Query Engines Work".