Commit 33ed4bf8 authored by Marcia Ramos's avatar Marcia Ramos Committed by Achilleas Pipinellis

Docs: document "force https" for Pages

parent f4c4781b
---
last_updated: 2019-06-04
last_updated: 2019-06-25
type: concepts, reference, howto
---
......@@ -138,9 +138,9 @@ verify your domain's ownership with a TXT record:
> - **Do not** add any special chars after the default Pages
domain. E.g., **do not** point your `subdomain.domain.com` to
`namespace.gitlab.io.` or `namespace.gitlab.io/`.
> - GitLab Pages IP on GitLab.com [was changed](https://about.gitlab.com/2017/03/06/we-are-changing-the-ip-of-gitlab-pages-on-gitlab-com/) in 2017
> - GitLab Pages IP on GitLab.com [was changed](https://about.gitlab.com/2017/03/06/we-are-changing-the-ip-of-gitlab-pages-on-gitlab-com/) in 2017.
> - GitLab Pages IP on GitLab.com [has been changed](https://about.gitlab.com/2018/07/19/gcp-move-update/#gitlab-pages-and-custom-domains)
from `52.167.214.135` to `35.185.44.232` in 2018
from `52.167.214.135` to `35.185.44.232` in 2018.
### Add your custom domain to GitLab Pages settings
......@@ -199,7 +199,7 @@ Certificates are NOT required to add to your custom
highly recommendable.
Let's start with an introduction to the importance of HTTPS.
Alternatively, jump ahead to [adding certificates to your project](#adding-certificates-to-your-project).
Alternatively, jump ahead to [adding certificates to your project](#adding-certificates-to-pages).
### Why should I care about HTTPS?
......@@ -255,12 +255,12 @@ which also offers a [free CDN service](https://blog.cloudflare.com/cloudflares-f
Their certs are valid up to 15 years. See the tutorial on
[how to add a CloudFlare Certificate to your GitLab Pages website](https://about.gitlab.com/2017/02/07/setting-up-gitlab-pages-with-cloudflare-certificates/).
### Adding certificates to your project
### Adding certificates to Pages
Regardless the CA you choose, the steps to add your certificate to
your Pages project are the same.
### What do you need
#### Requirements
1. A PEM certificate
1. An intermediate certificate
......@@ -270,7 +270,7 @@ your Pages project are the same.
These fields are found under your **Project**'s **Settings** > **Pages** > **New Domain**.
### What's what?
#### Certificate types
- A PEM certificate is the certificate generated by the CA,
which needs to be added to the field **Certificate (PEM)**.
......@@ -283,21 +283,32 @@ These fields are found under your **Project**'s **Settings** > **Pages** > **New
- A private key is an encrypted key which validates
your PEM against your domain.
### Now what?
#### Add the certificate to your project
Now that you hopefully understand why you need all
of this, it's simple:
Once you've met the requirements:
- Your PEM certificate needs to be added to the first field
- Your PEM certificate needs to be added to the first field.
- If your certificate is missing its intermediate, copy
and paste the root certificate (usually available from your CA website)
and paste it in the [same field as your PEM certificate](https://about.gitlab.com/2017/02/07/setting-up-gitlab-pages-with-cloudflare-certificates/),
just jumping a line between them.
- Copy your private key and paste it in the last field
- Copy your private key and paste it in the last field.
>**Note:**
NOTE: **Note:**
**Do not** open certificates or encryption keys in
regular text editors. Always use code editors (such as
Sublime Text, Atom, Dreamweaver, Brackets, etc).
_Read on about [Creating and Tweaking GitLab CI/CD for GitLab Pages](getting_started_part_four.md)_
## Force HTTPS for GitLab Pages websites
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/28857) in GitLab 10.7.
To make your website's visitors even more secure, you can choose to
force HTTPS for GitLab Pages. By doing so, all attempts to visit your
website via HTTP will be automatically redirected to HTTPS via 301.
It works with both GitLab's default domain and with your custom
domain (as long as you've set a valid certificate for it).
To enable this setting, navigate to your project's **Settings > Pages**
and tick the checkbox **Force HTTPS (requires valid certificates)**.
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment