GitHub Pages and

Feb 12, 2020

System Administration

By: Brandon Quakkelaar

So I must’ve been under a rock for the last 21 months because it wasn’t until this week that I learned that GitHub Pages now supports SSL certificates for custom domains. They’ve had SSL support since 2016 for sites using {user} domains. But it has also been available for custom domain sites (like this one) since May of 2018.

Before the feature was upgraded there were hacks to get around the custom domain limitation. Back then, when I was investigating, I decided it wasn’t worth the complexity and effort. is just a personal blog built with a static site generator using a free hosting service. I didn’t see the need to spend too much effort on a hacky solution for adding SSL to it. SSL was a “nice to have” feature, but not critical to me.

When I decided to look into it again, I was surprised that custom domain SSL’s were supported. Pleased as I was to learn this I was also slightly dismayed that I was ignorant for so long about the new GitHub feature.

Updating was simple enough. Years ago GitHub Pages had me create A Records pointing to a couple of their IP addresses. That method of setting up the domain is not compatible with the SSL feature they provide now. So I simply had to remove those A Records, and and replace them with a CNAME pointing to

I monitored the propogation of those setting with dig, as GitHub recommends.

$ dig +nostats +nocomments +nocmd

; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> +nostats +nocomments +nocmd
;; global options: +cmd
;			IN	A		228	IN	CNAME	2029	IN	A	2029	IN	A	2029	IN	A	2029	IN	A

Once I saw the updated CNAME pointing to then I headed back over to my GitHub Pages settings to turn on SSL. I had to wait a few minutes for the SSL cert from LetsEncrypt to be available. Once that was online then all I needed to do was check the box to turn on SSL.

The last thing I needed to do was on my end rather than on GitHub’s end. I needed to update my Hugo config.toml to use https for the base url, re-generate the blog, and git push the changes.

Further Reading

Thanks for reading. Feel free to send comments to