TLJH Kernel and Terminal issues with HTTPS

Hi JupyterHub enthusiasts,

My setup is TLJH installed on a VM (V1), running on a physical machine (P1). I forward port V1:80 to P1:8080 and everything works perfectly when connected using the browser on P1 (localhost:8080).

Where things go wrong is after setting up https/reverse proxy and accessing it through the internet. The reverse proxy is set up using Apache on another VM on another machine.

I have 2 major issues:

  1. Kernel doesn’t connect.
  2. Terminal isn’t available via web.

Regarding the kernel, I’ve tried downgrading tornado and upgrading everything via sudo -E conda upgrade --all but to no avail. Currently we have tornado=6.1

We have only very basic knowledge regarding networking (https/SSL/websockets) and need some help here as well.

In TLJH config, HTTPS is DISABLED. This is because enabling it breaks something. But we have HTTPS connection via reverse proxy.

Apache config:

        ServerAdmin webmaster@localhost

        LogLevel debug ssl:warn rewrite:trace4

        ErrorLog ${APACHE_LOG_DIR}/jupyter_error.log
        CustomLog ${APACHE_LOG_DIR}/jupyter_access.log combined

        SSLEngine on
        SSLCertificateFile /etc/apache2/ssl/cert.pem
        SSLCertificateKeyFile /etc/apache2/ssl/private/cert.key

        # Use RewriteEngine to handle websocket connection upgrades
        RewriteEngine On
        RewriteCond %{HTTP:Connection} Upgrade [NC]
        RewriteCond %{HTTP:Upgrade} websocket [NC]
        RewriteRule /(.*) ws://<P1>:8080/$1 [P,L]

        <Location "/">
                ProxyPreserveHost on
                ProxyPass http://<P1>:8080/
                ProxyPassReverse http://<P1>:8080/


For reference, the qemu command to run the VM:
qemu-system-x86_64 -enable-kvm Ubuntu.img -m 8G -cpu host -smp 4 -nic user,hostfwd=tcp::60022-:22,hostfwd=tcp::8080-:80 -nographic

Can you open your browser console and show us the logs? I’d expect there to be some error messages.

For posterity, I’m posting the solution here. I had to run a2enmod proxy_wstunnel on the apache server machine.

More info here: node.js - WebSockets and Apache proxy : how to configure mod_proxy_wstunnel? - Stack Overflow