Jitsi Meet in Docker Container: Websocket error

Question

(I asked this question on StackOverflow yesterday, but I didn't receive an answer yet, and maybe Serverfault is a better platform for this question. Also I can't post pictures here, but I hope the question is clear without them. If not, please look at the SO post.)

I'd like to set up a Jitsi Meet instance on my Debian server via Docker container. I've got an Apache webserver running on it and want to add the Jitsi server on a subdomain.

I followed the tutorial on how to do this and I am able to reach the site, but not to join a session.

I guess there is some error in the Apache configuration (see below), but I don't really know.

There are some errors in the JS console, but the important one (I guess) is:

WebSocket connection to 'wss://jitsi.example.com/xmpp-websocket?room=strangeshopsincorporateagain' failed: Error during WebSocket handshake: 'Upgrade' header is missing

Jitsi configuration file (the important parts; I didn't change anything else):

...
#
# Basic configuration options
#

# Directory where all configuration will be stored
CONFIG=~/.jitsi-meet-cfg

# Exposed HTTP port
HTTP_PORT=8000

# Exposed HTTPS port
HTTPS_PORT=8443

# System time zone
TZ=Europe/Berlin

# Public URL for the web service (required)
PUBLIC_URL=https://jitsi.example.com

# IP address of the Docker host
# See the "Running behind NAT or on a LAN environment" section in the Handbook:
# https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-docker#running-behind-nat-or-on-a-lan-environment
DOCKER_HOST_ADDRESS=192.168.178.57
# local IP address of my server
...

Apache configuration:

<VirtualHost *:443>
        ServerName jitsi.example.com:443

        SSLEngine on
        SSLCertificateFile /etc/letsencrypt/live/example.com/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/example.com/privkey.pem

        AllowEncodedSlashes NoDecode

        SSLProxyEngine On
        SSLProxyVerify None
        SSLProxyCheckPeerCN Off
        SSLProxyCheckPeerName Off

        RewriteEngine on
        RewriteCond ${HTTP:UPGRADE} ^WebSocket$ [NC]
        RewriteCond ${HTTP:CONNECTION} ^Upgrade$ [NC]
        RewriteRule .* "wss://localhost:8443/$1" [P,L]

        ProxyPreserveHost On

        ProxyPass / https://localhost:8443/ nocanon
        ProxyPassReverse / https://localhost:8443/

        ProxyPass /xmpp-websocket wss://localhost:8443/xmpp-websocket
        ProxyPassReverse /xmpp-websocket wss://localhost:8443/xmpp-websocket

        ProxyRequests off
</VirtualHost>

And the output of apache2ctl -S

VirtualHost configuration:
*:80                   example.com (/etc/apache2/sites-enabled/example.conf:1)
*:443                  is a NameVirtualHost
         default server jitsi.example.com (/etc/apache2/sites-enabled/jitsi.conf:1)
         port 443 namevhost jitsi.example.com (/etc/apache2/sites-enabled/jitsi.conf:1)
         port 443 namevhost example.com (/etc/apache2/sites-enabled/example.conf:39)
         port 443 namevhost office.example.com (/etc/apache2/sites-enabled/office-code.conf:1)
ServerRoot: "/etc/apache2"
Main DocumentRoot: "/var/www/html"
Main ErrorLog: "/var/log/apache2/error.log"
Mutex rewrite-map: using_defaults
Mutex ssl-stapling-refresh: using_defaults
Mutex ssl-stapling: using_defaults
Mutex proxy: using_defaults
Mutex ssl-cache: using_defaults
Mutex default: dir="/var/run/apache2/" mechanism=default
Mutex mpm-accept: using_defaults
Mutex watchdog-callback: using_defaults
PidFile: "/var/run/apache2/apache2.pid"
Define: DUMP_VHOSTS
Define: DUMP_RUN_CFG
User: name="www-data" id=33
Group: name="www-data" id=33