GitHub Enterprise uses a self-signed certificate when it is first started. You should configure TLS to use a certificate that is signed by a certificate authority that is trusted by web browsers.
Uploading a custom TLS certificate
In the upper-right corner of any page, click .
In the left sidebar, click Management Console.
At the top of the Management Console, click Settings.
In the left sidebar, click Privacy.
Select TLS only (recommended).
- Under "TLS Protocol support", select the protocols you want to allow.
- Under "Certificate", click Choose File to choose a TLS certificate or certificate chain (in PEM format) to install. This file will usually have a .pem, .crt, or .cer extension.
Under "Unencrypted key", click Choose File to choose a TLS key (in PEM format) to install. This file will usually have a .key extension.
Warning: Your TLS key must not have a passphrase. For more information, see "Removing the passphrase from your key file".