This procedure applies to version 5.5 or
later ESXi or vCenter Server for Windows.
You can modify ESXi
configuration from a shell window over an SSH connection, using the following
procedure. If you do not have SSH enabled, use the appropriate vSphere CLI
command to obtain the configuration file from the server, modify the file to
support HTTP, and move the file back to the ESXi system. For more information
about the vSphere CLI command syntax, see the
vSphere CLI Installation and Reference
Guide.
Procedure
-
Log in to a shell window or File Explorer
with root or
administrator privileges.
-
Change directories to the location of the
endpoint configuration file.
The location differs,
depending on the platform.
- For ESXi:
/etc/vmware/rhttpproxy
- For vCenter Server for Windows:
C:\Program
Data\VMware\vCenterServer\cfg\vmware-rhttpproxy\endpoints.conf.d
-
Copy the
endpoints.conf file to a
temporary directory for editing.
- On ESXi:
# cp endpoints.conf /tmp/endpoints.conf
- On vCenter Server for Windows, use File
Explorer to copy the file.
-
Change the permissions on the temporary
endpoints.conf file to
allow editing.
- On ESXi:
# chmod +w /tmp/endpoints.conf
- On vCenter Server for Windows, right
click the file in File Explorer and select
Properties to change
file permissions.
-
Use a text editor to open the temporary
file.
- On ESXi:
# vi /tmp/endpoints.conf
- On vCenter Server for Windows, choose any
text editor, such as Notepad, from the
Start menu.
-
Navigate to the line that specifies the
endpoints for SDK connections, which begins with
/sdk.
The line looks similar to this:
/sdk local 8085 redirect allow
-
To enable HTTP connections, change the word
redirect
to
allow.
When configured to allow both HTTP and HTTPS
connections, the
/sdk line looks similar
to this:
/sdk local 8085 allow allow
-
(Optional) If you prefer to completely
disable HTTPS, change the last word to
reject instead of
allow.
When configured to allow only HTTP
connections, the
/sdk line looks similar
to this:
/sdk local 8085 allow reject
-
(Optional) Change the setting for the
Managed Object Browser as well.
When configured to allow both HTTP and HTTPS
connections, the
/mob line looks similar
to this:
/mob local 8085 allow allow
-
Save your settings and close the file.
-
Change the permissions on the temporary file
to disable editing.
- On ESXi:
#
chmod -w
/tmp/endpoints.conf
- On vCenter Server for Windows, right
click the file in File Explorer and select
Properties to change
file permissions.
-
Copy the original
endpoints.conf file to a
backup file.
- On ESXi:
#
cp endpoints.conf
endpoints.conf.old
- On vCenter Server for Windows, use File
Explorer to copy the file.
-
Copy the temporary file
endpoints.conf file back,
replacing the original
endpoints.conf file.
- On ESXi:
#
cp /tmp/endpoints.conf
endpoints.conf
- On vCenter Server for Windows, use File
Explorer to copy the file.
-
Signal the reverse proxy service to update
its configuration by entering the following command:
- On ESXi:
/etc/init.d/rhttpproxy
restart
- On vCenter Server for Windows:
From the Windows menu, choose
, right click the rhttpproxy service, and choose
Restart.
Example: An
endpoints.conf File Modified
To Support HTTP connections to the SDK and the MOB
/ local 8309 redirect allow
/sdk local 8307 allow allow
/client/clients.xml local 8309 allow allow
/ui local 8308 redirect allow
/vpxa local 8089 reject allow
/mob namedpipe /var/run/vmware/proxy-mob allow allow
/wsman local 8889 redirect allow
/sdkTunnel namedpipetunnel /var/run/vmware/proxy-sdk-tunnel allow reject
/ha-nfc local 12001 allow allow
/nfc local 12000 allow allow
/folder local 8309 redirect allow
/host local 8309 redirect allow
/tmp local 8309 redirect allow
/screen local 8309 redirect allow
/guestFile local 8309 redirect allow
/cgi-bin local 8309 redirect allow