George V. Reilly

HTTPS for GitHub Pages Custom Domain: Not Yet

This website, http://www.georgevreil­, is hosted at GitHub Pages. It’s actually https://georgevreil­ but I’ve configured the former as the “custom domain”, so the latter is un­con­di­tion­al­ly redirected to the custom domain.

GitHub Pages gives me free, fast hosting and an easy pub­li­ca­tion model: I commit the latest changes to my master branch, I push the branch to GitHub, and seconds later, my site is updated. I’m using Acrylamid to generate the content from re­Struc­tured­Text source on the blog branch and ghp-import to commit the HTML to the master branch.

GitHub Pages supports HTTPS as of June 2016, but not for custom domains. There are some hacks but I don’t feel like using them. I’m hoping that GitHub will add support for custom domains soon.

Why HTTPS? It’s secure, it engenders trust, and it’s faster than HTTP. The latter surprised me and the (big) caveat is that HTTPS’s speed is due to HTTP/2, which requires a secure connection using TLSv1.2. HTTP/1.1 is indeed slower than HTTP/2.

I have never quite trained myself not to say SSL, even though Secure Sockets Layer 3.0 was released twenty years ago in 1996 and has long been superseded by Transport Layer Security (TLS). And it’s “HTTP Secure”, not “HTTP over SSL”.

I briefly looked at Let’s Encrypt while thinking about generating a cer­tifi­cate. I installed its Certbot tool using Homebrew and I saw that it depended upon something called Augeas, which turns out to be a con­fig­u­ra­tion-editing tool. Ironically, Augeas is hosted at [sic]. I tweeted about it.

blog comments powered by Disqus
Plums » « USB Charge-Only Cables and Condoms