How to configure a custom SSL domain with apache2

How to configure a custom SSL domain with Apache2.

I spent the last 6 hours trying to configure a custom domain, on a self-hosted server and kept running into silly roadblocks. Here’s how I did it.

The first thing you will want to do is publish something on obsidian. Just a temporary page will do. After that, you’ll be able to configure Obsidian Publish.

Click the gear for, “Change Site Options”.

Click the “Configure”, bottom next to, “Custom Domain” .

Redirect should not be selected. It will cause a redirect loop!

It should be working now.

See if you can go request your site using the following address.

Replace with the domain you just configured. We will redirect to this proxy later.

Now is the time to connect to your server.

Update the server. If you are on Ubuntu use the following command.

sudo apt update && sudo apt upgrade -y

Next, run the following commands to make sure Apache2 has the required modules. Not all the modules are used but it’s better to have them. The only modules you need are proxy, proxy_http, and maybe headers but I have not checked.

a2enmod proxy
a2enmod proxy_http
a2enmod proxy_ajp
a2enmod rewrite
a2enmod deflate
a2enmod headers
a2enmod proxy_balancer
a2enmod proxy_connect
a2enmod proxy_html

Next, we want to generate an SSL certificate for your custom domain. We will use Certbot. They have good instructions.

Let Certbot create a site for you. It will be in:


Create a backup of the file and edit the original.

The following is the minimum configuration you’ll need.

<IfModule mod_ssl.c>
<VirtualHost *:443>
    # Tell apache2 to use the proxy module
    SSLProxyEngine On
    # Make the following the new host.
    ProxyPass /  
    ProxyPassReverse /

RewriteEngine on

# The left half controls the path.
# If you want
# Use  "^notes/(.*)$"
# If you want
# Use  "^/(.*)$"
# The right half is the proxy.
# Use the address you tested earlier.

RewriteRule "^/(.*)$" "$1" [L,P]

# Certbox should have added your key files here
SSLCertificateFile /etc/letsencrypt/live/
SSLCertificateKeyFile /etc/letsencrypt/live/
Include /etc/letsencrypt/options-ssl-apache.conf
</IfModule mod_ssl.c>

Lastly, restart apache2.

sudo systemctl restart apache2

Force Load

ctrl + shift + left-click the browser refresh button to force your page to refresh instead of using the cached version.


A new user can’t post more than 5 links. I have the resources I used on:

This will break Google Analytics.

Can you explain how for me and Everyone reading the article?