SSL/HTTPS FAQ

Questions about SSL certificates and HTTPS configuration.

SSL Basics

Q: Why do I need HTTPS for my documentation site?

A: HTTPS provides:

Security: Encrypted data transmission
Trust: Browser security indicators
SEO: Google ranking factor
Features: Required for modern web features
Performance: HTTP/2 requires HTTPS

Q: How do I enable HTTPS on my VitePress site?

A: Most hosting services provide automatic HTTPS:

GitHub Pages: Enable in repository settings
Netlify: Automatic with Let's Encrypt
Vercel: Automatic SSL provisioning
Cloudflare Pages: Automatic SSL

GitHub Pages SSL

Q: How do I enable HTTPS on GitHub Pages?

A: Steps:

Go to repository Settings
Scroll to Pages section
Check "Enforce HTTPS"
Wait for certificate provisioning

Q: My GitHub Pages site shows SSL errors

A: Common solutions:

Wait 24 hours for certificate provisioning
Ensure custom domain is properly configured
Check DNS configuration
Verify CNAME file is correct

Netlify SSL

Q: How does Netlify handle SSL certificates?

A: Netlify automatically:

Provisions Let's Encrypt certificates
Renews certificates before expiration
Handles both www and non-www domains
Provides wildcard certificates for subdomains

Q: My Netlify site shows "Not Secure"

A: Troubleshooting steps:

Check domain configuration
Verify DNS propagation
Force certificate renewal
Contact Netlify support if issues persist

Custom SSL Certificates

Q: Can I use my own SSL certificate?

A: Yes, some hosting services allow custom certificates:

Upload certificate files
Configure private key
Set up certificate chain
Test configuration

Q: How do I get an SSL certificate?

A: Certificate sources:

Free: Let's Encrypt, Cloudflare
Paid: DigiCert, Comodo, GoDaddy
Hosting provider: Often included
CDN services: Cloudflare, AWS CloudFront

SSL Configuration

Q: How do I force HTTPS redirects?

A: Methods vary by hosting:

Netlify: _redirects file or Netlify.toml
Vercel: vercel.json configuration
Apache: .htaccess rules
Nginx: server configuration

Q: What are SSL security headers?

A: Important security headers:

Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Security-Policy: default-src 'self'
X-Frame-Options: DENY
X-Content-Type-Options: nosniff

Troubleshooting

Q: Mixed content warnings in browser

A: Fix mixed content issues:

Use HTTPS for all external resources
Update hardcoded HTTP links
Use protocol-relative URLs
Check third-party integrations

Q: Certificate expired errors

A: Solutions:

Check certificate expiration date
Force certificate renewal
Update DNS if using custom domain
Contact hosting provider support

Q: How do I test my SSL configuration?

A: Testing tools:

SSL Labs: Comprehensive SSL testing
Browser dev tools: Check certificate details
OpenSSL: Command-line testing
SSL Checker: Online validation tools

SSL/HTTPS FAQ ​

SSL Basics ​

Q: Why do I need HTTPS for my documentation site? ​

Q: How do I enable HTTPS on my VitePress site? ​

GitHub Pages SSL ​

Q: How do I enable HTTPS on GitHub Pages? ​

Q: My GitHub Pages site shows SSL errors ​

Netlify SSL ​

Q: How does Netlify handle SSL certificates? ​

Q: My Netlify site shows "Not Secure" ​

Custom SSL Certificates ​

Q: Can I use my own SSL certificate? ​

Q: How do I get an SSL certificate? ​

SSL Configuration ​

Q: How do I force HTTPS redirects? ​

Q: What are SSL security headers? ​

Troubleshooting ​

Q: Mixed content warnings in browser ​

Q: Certificate expired errors ​

Q: How do I test my SSL configuration? ​