I recently changed the nameservers of my domain to Cloudflare. I then set up a Github pages site and followed the steps to use a custom domain for it.
I was facing an issue, wherein in Github pages settings I was unable to select the option to enforce HTTPS, with the following message:
Unavailable for your site because your domain is not properly configured to support HTTPS
I checked the help doc Github provided besides this error. I seemed to have configured the DNS records and other details correctly. I tried removing & then re-adding a custom domain to my Github pages site, but it didn't help.
Finally, through a conversation with Github help bot here. I found the issue.
When we add a site on Cloudflare, by default it proxies the traffic to our site through their server. This is how it's able to offer us DDoS protection & other benefits. It turns out this was the issue which was causing the HTTPS certificate issuance that Github was trying to do (using LetsEncrypt) to fail.
Cloudflare enables their HTTP/DNS proxy feature by default, meaning GitHub isn't able to see the DNS records required to generate an HTTPS certificate. You'll need to disable this for any DNS records that point towards GitHub.
Github bot recommended turning off proxying (Orange cloud) on those DNS records that pointed to Github and choosing DNS only (Grey cloud). Once, I did this, I then removed & re-added custom domain in Github pages settings to re-trigger certificate issuance, and it worked! Now HTTPS was enabled on my Github pages site & I was able to enforce HTTPS.
Lastly, just adding a disclaimer the Github bot mentioned, to be mindful of this while taking these steps
Disclaimer Disabling the HTTP/DNS proxy may interfere with other Cloudflare services. If you use other Cloudflare services with your site, we aren't able to guarantee that these will continue working. For more help with this, I'd recommend reaching out to Cloudflare's support team.
Top comments (0)