GitHub Enterprise uses a self-signed certificate when it is first started. You should configure TLS to use a certificate that is signed by a certificate authority that is trusted by web browsers.

Uploading a custom TLS certificate

  1. Rocketship icon for accessing site admin settingsIn the upper-right corner of any page, click .

  2. Management Console tab in the left sidebarIn the left sidebar, click Management Console.

  3. Settings tabAt the top of the Management Console, click Settings.

  4. Privacy sidebarIn the left sidebar, click Privacy.

  5. SSL only checkboxSelect SSL only (recommended).

  6. Browser for TLS certificate fileUnder "Certificate", click Choose File to choose a TLS certificate or certificate chain (in PEM format) to install. This file will usually have a .pem, .crt, or .cer extension.
  7. Browser for TLS keyUnder "Unencrypted key", click Choose File to choose a TLS key (in PEM format) to install. This file will usually have a .key extension.

    Warning: Your TLS key must not have a passphrase. For more information, see "Removing the passphrase from your key file".

Further reading