How to Enable HTTPS for the www Subdomain on GitHub Pages and Avoid Errors

Recently I moved hosting for my portfolio site from to GitHub Pages.

I did this for a couple of reasons:

  • Any changes to the page would be reflected immediately, rather than requiring I FTP into Web Hosting For Students server and update individual files
  • I could save $25 a year

Fortunately the move was relatively painless. I followed this guide to set up a custom domain for the page.

But immediately I noticed a problem -- while worked just fine, I got the following error for

Attackers might be trying to steal your information from (for example, passwords, messages, or credit card)... NET::ERR_CERT_COMMON_NAME_INVALID

Turns out that this is a widespread issue, and is covered in depth here: Does GitHub Pages Support HTTPS for www and @ subdomains?

The solution is simple -- just add the www subdomain to the Custom domain in the settings of your GitHub repository:


Make sure that you checked the Enforce HTTPS option while you're here!

Shoutout to VBerny and Monarch Wadia for leading me to the correct solution.

No Comments Yet