You can also modify the vAPI endpoint
configuration for vCenter Server to accept HTTP connections in addition to or
instead of HTTPS connections. This is useful for clients that interact both
with the vSphere Web Services API endpoint and the vSphere Automation API
endpoint in a development environment. Use the following procedure.
Procedure
-
Log in to a shell window or File Explorer
with root or
administrator privileges.
-
Change directories to the location of the
endpoint configuration file.
The location differs,
depending on the platform.
- For vCenter Server Appliance:
/etc/vmware-rhttpproxy/endpoints.conf.d
- For vCenter Server for Windows:
C:\Program
Data\VMware\vCenterServer\cfg\vmware-rhttpproxy\endpoints.conf.d
-
Copy the vapi-endpoint.conf file to a temporary directory
for editing.
- On vCenter Server Appliance:
# cp vapi-endpoint.conf
/tmp/vapi-endpoint.conf
- On vCenter Server for Windows, use File
Explorer to copy the file.
-
Change the permissions on the temporary file
to allow editing.
- On vCenter Server Appliance:
# chmod +w /tmp/vapi-endpoint.conf
- On vCenter Server for Windows, right
click the file in File Explorer and select
Properties to change
file permissions.
-
Use a text editor to open the temporary
file.
- On vCenter Server Appliance:
# vi /tmp/vapi-endpoint.conf
- On vCenter Server for Windows, choose any
text editor, such as Notepad, from the
Start menu.
-
Navigate to the line that specifies the
endpoint for REST connections, which begins with
/rest.
The line looks similar to this:
/rest local 12346 redirect allow
-
To enable HTTP connections for REST clients,
change the word
redirect
to
allow.
When configured to allow both HTTP and HTTPS
connections, the
/rest line looks similar
to this:
/rest local 12346 allow allow
-
(Optional) If you prefer to completely
disable HTTPS, change the last word to
reject instead of
allow.
When configured to allow only HTTP
connections, the
/rest line looks similar
to this:
/rest local 12346 allow reject
-
Navigate to the line that specifies the
endpoint for clients that use language bindings rather than REST, which begins
with
/api.
The line looks similar to this:
/api local 12346 redirect allow
-
To enable HTTP connections for clients using
language bindings rather than REST, change the word
redirect
to
allow.
When configured to allow both HTTP and HTTPS
connections, the
/api line looks similar
to this:
/api local 12346 allow allow
-
Save your settings and close the file.
-
Change the permissions on the temporary file
to disable editing.
- On vCenter Server Appliance:
#
chmod -w
/tmp/vapi-endpoint.conf
- On vCenter Server for Windows, right
click the file in File Explorer and select
Properties to change
file permissions.
-
Copy the original vapi-endpoint.conf file to a backup file.
- On vCenter Server Appliance:
#
cp vapi-endpoint.conf
vapi-endpoint.conf.old
- On vCenter Server for Windows, use File
Explorer to copy the file.
-
Copy the temporary file back, replacing the
original vapi-endpoint.conf file.
- On vCenter Server Appliance:
#
cp
/tmp/vapi-endpoint.conf vapi-endpoint.conf
- On vCenter Server for Windows, use File
Explorer to copy the file.
-
Signal the reverse proxy service to update
its configuration by entering the following command:
- On vCenter Server Appliance:
/etc/init.d/vmware-rhttpproxy restart
- On vCenter Server for Windows:
From the Windows menu, choose
, right click the rhttpproxy service, and choose
Restart.
Example: A
vapi-endpoint.conf File Modified To Support HTTP connections for API
and REST
/vapiendpoint/health local 12346 allow allow
/vapiendpoint/resourcebundle local 12346 allow allow
/rest local 12346 allow allow
/site/api local 12346 redirect allow
/site/rest local 12346 redirect allow
/api/ local 12346 allow allow