HTTP Configuration for Web Services API Endpoint
You can modify the Web Services API endpoint configuration to accept HTTP connections, in addition to or instead of HTTPS connections.
This procedure applies to version 5.5 or later ESXi, vCenter Server Appliance, or vCenter Server for Windows.
You can modify ESXi configuration from a shell window over an SSH connection, using the following procedure. If you do not have SSH enabled, use the appropriate vSphere CLI command to obtain the configuration file from the server, modify the file to support HTTP, and move the file back to the ESXi system. For more information about the vSphere CLI command syntax, see the vSphere CLI Installation and Reference Guide.
To modify the Web proxy service to support HTTP on ESXi or vCenter Server for Windows
1
Log in to a shell window or File Explorer with root or administrator privileges.
2
Change directories to the location of the endpoint configuration file.
The location differs, depending on the platform.
For ESXi:
/etc/vmware/rhttpproxy
For vCenter Server for Windows:
C:\Program Data\VMware\vCenterServer\cfg\vmware-rhttpproxy\endpoints.conf.d
3
Copy the endpoints.conf file to a temporary directory for editing.
On ESXi:
# cp endpoints.conf /tmp/endpoints.conf
On vCenter Server for Windows, use File Explorer to copy the file.
4
Change the permissions on the temporary endpoints.conf file to allow editing.
On ESXi:
# chmod +w /tmp/endpoints.conf
On vCenter Server for Windows, right click the file in File Explorer and select Properties to change file permissions.
5
Use a text editor to open the temporary file.
On ESXi:
# vi /tmp/endpoints.conf
On vCenter Server for Windows, choose any text editor, such as Notepad, from the Start menu.
6
Navigate to the line that specifies the endpoints for SDK connections, which begins with /sdk.
The line looks similar to this:
/sdk    local    8085               redirect     allow
7
To enable HTTP connections, change the word redirect to allow.
When configured to allow both HTTP and HTTPS connections, the /sdk line looks similar to this:
/sdk    local    8085               allow     allow
8
(Optional) If you prefer to completely disable HTTPS, change the last word to reject instead of allow.
When configured to allow only HTTP connections, the /sdk line looks similar to this:
/sdk    local    8085               allow     reject
9
(Optional) Change the setting for the Managed Object Browser as well.
When configured to allow both HTTP and HTTPS connections, the /mob line looks similar to this:
/mob    local    8085               allow     allow
10
Save your settings and close the file.
11
Change the permissions on the temporary file to disable editing.
On ESXi:
# chmod -w /tmp/endpoints.conf
On vCenter Server for Windows, right click the file in File Explorer and select Properties to change file permissions.
12
Copy the original endpoints.conf file to a backup file.
On ESXi:
# cp endpoints.conf endpoints.conf.old
On vCenter Server for Windows, use File Explorer to copy the file.
13
Copy the temporary file endpoints.conf file back, replacing the original endpoints.conf file.
On ESXi:
# cp /tmp/endpoints.conf endpoints.conf
On vCenter Server for Windows, use File Explorer to copy the file.
14
Signal the reverse proxy service to update its configuration by entering the following command:
On ESXi:
/etc/init.d/rhttpproxy restart
On vCenter Server for Windows:
From the Windows menu, choose Control Panel > Administrative Tools > Services, right click the rhttpproxy service, and choose Restart.
Example: An endpoints.conf File Modified To Support HTTP connections to the SDK and the MOB
/ local 8309                       redirect allow
/sdk local 8307                       allow allow
/client/clients.xml local 8309                       allow allow
/ui local 8308                       redirect allow
/vpxa local 8089                       reject allow
/mob namedpipe       /var/run/vmware/proxy-mob allow allow
/wsman local 8889                       redirect allow
/sdkTunnel namedpipetunnel /var/run/vmware/proxy-sdk-tunnel allow reject
/ha-nfc local 12001                       allow allow
/nfc local 12000                       allow allow
/folder local 8309                       redirect allow
/host local 8309                       redirect allow
/tmp local 8309                       redirect allow
/screen local 8309                       redirect allow
/guestFile local 8309                       redirect allow
/cgi-bin local 8309                       redirect allow
 
To modify the Web proxy service to support HTTP on vCenter Server Appliance
1
Log in to a shell window with root privileges.
2
Change directories to the location of the endpoint configuration file.
For vCenter Server Appliance:
cd /etc/vmware-rhttpproxy/endpoints.conf.d
3
Copy the endpoints.conf file to a temporary directory for editing.
On vCenter Server Appliance:
# cp vpxd-rhttpproxy-endpoint.conf /tmp/vpxd-rhttpproxy-endpoint.conf
4
Change the permissions on the temporary vpxd-rhttpproxy-endpoint.conf file to allow editing.
On vCenter Server Appliance:
# chmod +w /tmp/vpxd-rhttpproxy-endpoint.conf
5
Use a text editor to open the temporary file.
On vCenter Server Appliance:
# vi /tmp/vpxd-rhttpproxy-endpoint.conf
6
Navigate to the line that specifies the endpoints for SDK connections, which begins with /sdk.
The line looks similar to this:
/sdk    local    8085               redirect     allow
7
To enable HTTP connections, change the word redirect to allow.
When configured to allow both HTTP and HTTPS connections, the /sdk line looks similar to this:
/sdk    local    8085               allow     allow
8
(Optional) If you prefer to completely disable HTTPS, change the last word to reject instead of allow.
When configured to allow only HTTP connections, the /sdk line looks similar to this:
/sdk    local    8085               allow     reject
9
(Optional) Change the setting for the Managed Object Browser as well.
When configured to allow both HTTP and HTTPS connections, the /mob line looks similar to this:
/mob    local    8085               allow     allow
10
Save your settings and close the file.
11
Change the permissions on the temporary file to disable editing.
On vCenter Server Appliance:
# chmod -w /tmp/vpxd-rhttpproxy-endpoint.conf
12
Copy the original endpoints.conf file to a backup file.
On vCenter Server Appliance:
# cp vpxd-rhttpproxy-endpoint.conf vpxd-rhttpproxy-endpoint.conf.old
13
Copy the temporary file endpoints.conf file back, replacing the original endpoints.conf file.
On vCenter Server Appliance:
# cp /tmp/vpxd-rhttpproxy-endpoint.conf vpxd-rhttpproxy-endpoint.conf
14
Signal the reverse proxy service to update its configuration by entering the following command:
On vCenter Server Appliance:
/etc/init.d/vmware-rhttpproxy restart
For an example of the contents of a vpxd-rhttpproxy-endpoint.conf file modified to support HTTP connections, see An endpoints.conf File Modified To Support HTTP connections to the SDK and the MOB.
Help us improve this information. Send feedback to docfeedback@vmware.com.