You should be able to do this by setting ConfigurableHTTPProxy.command (in JupyterHub 0.8):
c.ConfigurableHTTPProxy.command = ['configurable-http-proxy, '--ssl-ciphers=...'] -Min On Mon, Nov 27, 2017 at 11:59 PM, Wood, Rohn (NIH/NIAID) [C] < [email protected]> wrote: > et al, > What is the best method for specyfing a cipher list to the nodejs > configurable proxy? I noted that jupyterhub proxy.py script invokes the > proxy and it appears to parse the /jupyter_hub.config file for related ssl > parameters and invoke them if present. At this point, I can only add a > ciphers list via: > > cmd = self.command + [ > '--ip', public_server.ip, > '--port', str(public_server.port), > '--api-ip', api_server.ip, > '--api-port', str(api_server.port), > '--error-target', url_path_join(self.hub.url, 'error'), > '--ssl-ciphers', 'EDH+aRSA+AESGCM:EDH+aRSA+AES: > EECDH+aRSA+AESGCM:EECDH+aRSA+AES:-SHA:ECDHE-RSA-AES256-SHA: > ECDHE-RSA-AES128-SHA:RSA+AESGCM:RSA+AES+SHA256:RSA+AES+ > SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA' > > It would preferable to have this passed from the jupyterhub_config file, > ala, > > c.JupyterHub.ssl_ciphers = 'EDH+aRSA+AESGCM:EDH+aRSA+AES: > EECDH+aRSA+AESGCM:EECDH+aRSA+AES:-SHA:ECDHE-RSA-AES256-SHA: > ECDHE-RSA-AES128-SHA:RSA+AESGCM:RSA+AES+SHA256:RSA+AES+ > SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA' > > > and have the proxy.py script parse it out, via: > > if self.ssl_ciphers: > cmd.extend(['--ssl-ciphers','EDH+aRSA+AESGCM:EDH+aRSA+AES: > EECDH+aRSA+AESGCM:EECDH+aRSA+AES:-SHA:ECDHE-RSA-AES256-SHA: > ECDHE-RSA-AES128-SHA:RSA+AESGCM:RSA+AES+SHA256:RSA+AES+ > SHA:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA']) > > > I did try this -- but was unsuccessful (to date). > > Still, am I missing something obvious that more reliably survive a code > update? > > Thanks! > > ROhn > > > --- > Rohn J. Wood, MPA, Contractor > Senior Systems Engineer, Unix System Administrator Consultant > Global Biomedical Research Support Program (GBRSP/OCICB) > NIAID\NIH\DHHS > Rocky Mountain Laboratories > Bldg. 28 Rm. 1B108A > 903 S. 4th St. > Hamilton, MT 59840 > 406.363.9433 FAX: 406.363.9388 > SRA International Inc, a CSRA company > ****************************************************************** > The information in this e-mail and any of its attachments is confidential > and may contain sensitive information. It should not be used by anyone who > is not the original intended recipient. If you have received this e-mail in > error please inform the sender and delete it from your mailbox or any other > storage devices. National Institute of Allergy and Infectious Diseases > shall not accept liability for any statements made that are sender's own > and not expressly made on behalf of the NIAID by one of its representatives. > ****************************************************************** > > -- > You received this message because you are subscribed to the Google Groups > "Project Jupyter" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > To view this discussion on the web visit https://groups.google.com/d/ > msgid/jupyter/BLUPR09MB0833B12A95610C710F97EA65E3250%40BLUPR09MB0833. > namprd09.prod.outlook.com. > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Project Jupyter" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/jupyter/CAHNn8BWbe9eFX0WviaG2f08UOAfSyaPk8N2mn%3Dd%3DM4nz7v6Y0Q%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
