Docs: document "force https" for Pages
This commit is contained in:
parent
f4c4781bd7
commit
33ed4bf87c
|
@ -1,5 +1,5 @@
|
|||
---
|
||||
last_updated: 2019-06-04
|
||||
last_updated: 2019-06-25
|
||||
type: concepts, reference, howto
|
||||
---
|
||||
|
||||
|
@ -138,9 +138,9 @@ verify your domain's ownership with a TXT record:
|
|||
> - **Do not** add any special chars after the default Pages
|
||||
domain. E.g., **do not** point your `subdomain.domain.com` to
|
||||
`namespace.gitlab.io.` or `namespace.gitlab.io/`.
|
||||
> - GitLab Pages IP on GitLab.com [was changed](https://about.gitlab.com/2017/03/06/we-are-changing-the-ip-of-gitlab-pages-on-gitlab-com/) in 2017
|
||||
> - GitLab Pages IP on GitLab.com [was changed](https://about.gitlab.com/2017/03/06/we-are-changing-the-ip-of-gitlab-pages-on-gitlab-com/) in 2017.
|
||||
> - GitLab Pages IP on GitLab.com [has been changed](https://about.gitlab.com/2018/07/19/gcp-move-update/#gitlab-pages-and-custom-domains)
|
||||
from `52.167.214.135` to `35.185.44.232` in 2018
|
||||
from `52.167.214.135` to `35.185.44.232` in 2018.
|
||||
|
||||
### Add your custom domain to GitLab Pages settings
|
||||
|
||||
|
@ -199,7 +199,7 @@ Certificates are NOT required to add to your custom
|
|||
highly recommendable.
|
||||
|
||||
Let's start with an introduction to the importance of HTTPS.
|
||||
Alternatively, jump ahead to [adding certificates to your project](#adding-certificates-to-your-project).
|
||||
Alternatively, jump ahead to [adding certificates to your project](#adding-certificates-to-pages).
|
||||
|
||||
### Why should I care about HTTPS?
|
||||
|
||||
|
@ -255,12 +255,12 @@ which also offers a [free CDN service](https://blog.cloudflare.com/cloudflares-f
|
|||
Their certs are valid up to 15 years. See the tutorial on
|
||||
[how to add a CloudFlare Certificate to your GitLab Pages website](https://about.gitlab.com/2017/02/07/setting-up-gitlab-pages-with-cloudflare-certificates/).
|
||||
|
||||
### Adding certificates to your project
|
||||
### Adding certificates to Pages
|
||||
|
||||
Regardless the CA you choose, the steps to add your certificate to
|
||||
your Pages project are the same.
|
||||
|
||||
### What do you need
|
||||
#### Requirements
|
||||
|
||||
1. A PEM certificate
|
||||
1. An intermediate certificate
|
||||
|
@ -270,7 +270,7 @@ your Pages project are the same.
|
|||
|
||||
These fields are found under your **Project**'s **Settings** > **Pages** > **New Domain**.
|
||||
|
||||
### What's what?
|
||||
#### Certificate types
|
||||
|
||||
- A PEM certificate is the certificate generated by the CA,
|
||||
which needs to be added to the field **Certificate (PEM)**.
|
||||
|
@ -283,21 +283,32 @@ These fields are found under your **Project**'s **Settings** > **Pages** > **New
|
|||
- A private key is an encrypted key which validates
|
||||
your PEM against your domain.
|
||||
|
||||
### Now what?
|
||||
#### Add the certificate to your project
|
||||
|
||||
Now that you hopefully understand why you need all
|
||||
of this, it's simple:
|
||||
Once you've met the requirements:
|
||||
|
||||
- Your PEM certificate needs to be added to the first field
|
||||
- Your PEM certificate needs to be added to the first field.
|
||||
- If your certificate is missing its intermediate, copy
|
||||
and paste the root certificate (usually available from your CA website)
|
||||
and paste it in the [same field as your PEM certificate](https://about.gitlab.com/2017/02/07/setting-up-gitlab-pages-with-cloudflare-certificates/),
|
||||
just jumping a line between them.
|
||||
- Copy your private key and paste it in the last field
|
||||
- Copy your private key and paste it in the last field.
|
||||
|
||||
>**Note:**
|
||||
NOTE: **Note:**
|
||||
**Do not** open certificates or encryption keys in
|
||||
regular text editors. Always use code editors (such as
|
||||
Sublime Text, Atom, Dreamweaver, Brackets, etc).
|
||||
|
||||
_Read on about [Creating and Tweaking GitLab CI/CD for GitLab Pages](getting_started_part_four.md)_
|
||||
## Force HTTPS for GitLab Pages websites
|
||||
|
||||
> [Introduced](https://gitlab.com/gitlab-org/gitlab-ce/issues/28857) in GitLab 10.7.
|
||||
|
||||
To make your website's visitors even more secure, you can choose to
|
||||
force HTTPS for GitLab Pages. By doing so, all attempts to visit your
|
||||
website via HTTP will be automatically redirected to HTTPS via 301.
|
||||
|
||||
It works with both GitLab's default domain and with your custom
|
||||
domain (as long as you've set a valid certificate for it).
|
||||
|
||||
To enable this setting, navigate to your project's **Settings > Pages**
|
||||
and tick the checkbox **Force HTTPS (requires valid certificates)**.
|
||||
|
|
Loading…
Reference in New Issue