You can change the security configuration so that individual services are directly accessible through HTTP connections.

About this task

These steps are for version 5.0 and earlier. Beginning with 5.1, the file that needs to be modified is completely different. For instructions to modify the new file, see Change Security Settings for a Web Proxy Service.

Procedure

  1. Log in to the ESXi Shell as a user with administrator privileges.
  2. Change to the /etc/vmware/hostd/directorydirectory.
  3. Use a text editor to open the proxy.xml file.

    The contents of the file typically appears as follows.

    <ConfigRoot>
    <EndpointList>
    <_length>10</_length>
    <_type>vim.ProxyService.EndpointSpec[]</_type>
    <e id="0">
    <_type>vim.ProxyService.LocalServiceSpec</_type>
    <accessMode>httpsWithRedirect</accessMode>
    <port>8309</port>
    <serverNamespace>/</serverNamespace>
    </e>
    <e id="1">
    <_type>vim.ProxyService.LocalServiceSpec</_type>
    <accessMode>httpAndHttps</accessMode>
    <port>8309</port>
    <serverNamespace>/client/clients.xml</serverNamespace>
    </e>
    <e id="2">
    <_type>vim.ProxyService.LocalServiceSpec</_type>
    <accessMode>httpAndHttps</accessMode>
    <port>12001</port>
    <serverNamespace>/ha-nfc</serverNamespace>
    </e>
    <e id="3">
    <_type>vim.ProxyService.NamedPipeServiceSpec</_type>
    <accessMode>httpsWithRedirect</accessMode>
    <pipeName>/var/run/vmware/proxy-mob</pipeName>
    <serverNamespace>/mob</serverNamespace>
    </e>
    <e id="4">
    <_type>vim.ProxyService.LocalServiceSpec</_type>
    <accessMode>httpAndHttps</accessMode>
    <port>12000</port>
    <serverNamespace>/nfc</serverNamespace>
    </e>
    <e id="5">
    <_type>vim.ProxyService.LocalServiceSpec</_type>
    <accessMode>httpsWithRedirect</accessMode>
    <port>8307</port>
    <serverNamespace>/sdk</serverNamespace>
    </e>
    <e id="6">
    <_type>vim.ProxyService.NamedPipeTunnelSpec</_type>
    <accessMode>httpOnly</accessMode>
    <pipeName>/var/run/vmware/proxy-sdk-tunnel</pipeName>
    <serverNamespace>/sdkTunnel</serverNamespace>
    </e>
    <e id="7">
    <_type>vim.ProxyService.LocalServiceSpec</_type>
    <accessMode>httpsWithRedirect</accessMode>
    <port>8308</port>
    <serverNamespace>/ui</serverNamespace>
    </e>
    <e id="8">
    <_type>vim.ProxyService.LocalServiceSpec</_type>
    <accessMode>httpsOnly</accessMode>
    <port>8089</port>
    <serverNamespace>/vpxa</serverNamespace>
    </e>
    <e id="9">
    <_type>vim.ProxyService.LocalServiceSpec</_type>
    <accessMode>httpsWithRedirect</accessMode>
    <port>8889</port>
    <serverNamespace>/wsman</serverNamespace>
    </e>
    </EndpointList>
    </ConfigRoot>
  4. Change the security settings as required.

    For example, you might want to modify entries for services that use HTTPS to add the option of HTTP access.

    Option

    Description

    e id

    ID number for the server ID XML tag. ID numbers must be unique within the HTTP area.

    _type

    Name of the service you are moving.

    accessmode

    Forms of communication the service permits. Acceptable values include:

    • httpOnly – The service is accessible only over plain-text HTTP connections.

    • httpsOnly – The service is accessible only over HTTPS connections.

    • httpsWithRedirect – The service is accessible only over HTTPS connections. Requests over HTTP are redirected to the appropriate HTTPS URL.

    • httpAndHttps – The service is accessible both over HTTP and HTTPS connections.

    port

    Port number assigned to the service. You can assign a different port number to the service.

    serverNamespace

    Namespace for the server that provides this service, for example /sdk or /mob.

  5. Save your changes and close the file.
  6. Restart the hostd process:

    /etc/init.d/hostd restart