You can change the security configuration so that individual services are directly accessible through HTTP connections.

To configure security settings for vSphere 5.0 and earlier, see Change Security Settings for a Web Proxy Service 5.0 and earlier.

1

Log in to the ESXi Shell as a user with administrator privileges.

2

Change to the /etc/vmware/rhttpproxy directory.

3

Use a text editor to open the endpoints.conf file.

4

Change the security settings as required.

For example, you might want to modify entries for services that use HTTPS to add the option of HTTP access.

Option

Description

connection-type

Acceptable values include:

local

remote

namedpipe

localtunnel

remotetunnel

namedpipetunnel

endpoint-address

For local and localtunnel, supply the port number.

For remote and remotetunnel, supply the HostName/IP_address:Port.

For namedpipe and namedpipetunnel, supply the location of the name pipe in the file system.

HTTP Access mode

Forms of communication the service permits. Acceptable values include:

allow - Allow HTTP access.

redirect – If the Endpoint address is a local port, then the client is redirected to 443. If the Endpoint address is a remote host, then the client is redirected to that host.

reject - No HTTP access.

HTTPS Access mode

Acceptable values include:

allow - Allow HTTPS access.

reject - Do not allow HTTPS access.

5

Save your changes and close the file.

The following example shows a completed endpoints.conf file.

# Endpoint Connection-type Endpoint-address HTTP-access-Mode HTTPS-access-mode
/ local 8309 redirect allow
/sdk local 8307 redirect allow
/client/clients.xml local 8309 allow allow
/ui local 8308 redirect allow
/vpxa local 8089 reject allow
/mob namedpipe /var/run/vmware/proxy-mob redirect allow
/wsman local 8889 redirect allow
/sdkTunnel namedpipetunnel /var/run/vmware/proxy-sdk-tunnel allow reject
/ha-nfc local 12001 allow allow
/nfc local 12000 allow allow

After you make the changes to the endpoints.conf file, make the reverse proxy reload the new endpoints by using the command kill -HUP <pid_of_rhttpproxy>