GitHub Enterprise uses a self-signed certificate when it is first started. You should configure TLS to use a certificate that is signed by a certificate authority that is trusted by web browsers.

Uploading a custom TLS certificate

  1. In the upper-right corner of any page, click . Rocketship icon for accessing site admin settings

  2. In the left sidebar, click Management Console. Management Console tab in the left sidebar

  3. At the top of the Management Console, click Settings. Settings tab

  4. In the left sidebar, click Privacy. Privacy sidebar

  5. Select SSL only (recommended). SSL only checkbox

  6. Under "Certificate", click Choose File to choose a TLS certificate or certificate chain (in PEM format) to install. This file will usually have a .pem, .crt, or .cer extension. Browser for TLS certificate file

  7. Under "Unencrypted key", click Choose File to choose a TLS key (in PEM format) to install. This file will usually have a .key extension. Browser for TLS key

    Warning: Your TLS key must not have a passphrase. For more information, see "Removing the passphrase from your key file".

Further reading