To fulfill load balancer or proxy requirements, you can change the default endpoint Web addresses for the vCloud Director Web Console, vCloud API, Tenant Portal, and console proxy.

If you deployed the vCloud Director appliance, you must configure the vCloud Director public console proxy address, because the appliance uses a single IP address with custom port 8443 for the console proxy service. See Step c.

Prerequisites

Only the system administrator can customize public endpoints.

Procedure

  1. Click the Administration tab and, in the left pane, click Public Addresses.
  2. Select Customize Public Endpoints.

    Deselecting this check box reverts all endpoints to their default values, which are not shown on the page.

  3. To customize the vCloud REST API and OpenAPI URLs, edit the API endpoints.
    1. Enter a custom HTTP base URL.

      For example, if you set the HTTP base URL to http://vcloud.example.com, you can access the vCloud API at http://vcloud.example.com/api, and you can access the vCloud OpenAPI at http://vcloud.example.com/cloudapi.

    2. Enter a custom HTTPS REST API base URL and click Browse to upload the certificates that establish the trust chain for that endpoint.

      For example, if you set the HTTPS REST API base URL to https://vcloud.example.com, you can access the vCloud API at https://vcloud.example.com/api, and you can access the vCloud OpenAPI at https://vcloud.example.com/cloudapi.

      The certificate chain must match the certificate used by the service endpoint, which is either the certificate uploaded to each vCloud Director cell keystore with alias http or the load balancer VIP certificate if an SSL termination is used. The certificate chain must include an endpoint certificate, intermediate certificates, and a root certificate in PEM format without a private key.

  4. To customize the vCloud Director Tenant Portal URLs, edit the Tenant Portal endpoints.
    • To configure the vCloud Director Tenant Portal to use the same endpoints and certificate chain that you specified in Step 3, select Copy API URL Settings.

    • To configure the vCloud Director Tenant Portal to use different endpoints and certificate chain, perform the following steps.

      1. Deselect Copy API URL Settings.

      2. Enter a custom HTTP base URL.

        For example, if you set the HTTP base URL to http://vcloud.example.com, you can access the Tenant Portal at http://vcloud.example.com/tenant/org_name.

      3. Enter a custom HTTPS REST API base URL and click Browse to upload the certificates that establish the trust chain for that endpoint.

        For example, if you set the HTTPS REST API base URL to https://vcloud.example.com, you can access the Tenant Portal at https://vcloud.example.com/tenant/org_name.

        The certificate chain must match the certificate used by the service endpoint, which is either the certificate uploaded to each vCloud Director cell keystore with alias http or the load balancer VIP certificate if an SSL termination is used. The certificate chain must include an endpoint certificate, intermediate certificates, and a root certificate in PEM format without a private key.

  5. To customize the vCloud Director Web Console URLs and the console proxy address, edit the Web Console endpoints.
    1. Enter a custom vCloud Director public URL for HTTP connections.

      The URL must include /cloud.

      For example, if you set the vCloud Director public URL to http://vcloud.example.com/cloud, you can access the vCloud Director Web Console at http://vcloud.example.com/cloud.

    2. Enter a custom REST API URL for HTTPS connections and click Browse to upload the certificates that establish the trust chain for that endpoint.

      The URL must include /cloud.

      For example, if you set the base URL to https://vcloud.example.com, you can access the vCloud Director Web Console at https://vcloud.example.com/cloud.

      The certificate chain must match the certificate used by the service endpoint, which is the certificate uploaded to each vCloud Director cell keystore with alias consoleproxy. SSL termination of console proxy connections at a load balancer is not supported. The certificate chain must include an endpoint certificate, intermediate certificates, and a root certificate in PEM format without a private key.

    3. Enter a custom vCloud Director public console proxy address.

      This address is the fully qualified domain name (FQDN) of the vCloud Director server or load-balancer with the port number. The default port is 443.

      Important:

      The vCloud Director appliance uses custom port 8443 for the console proxy service.

      For example, for a vCloud Director appliance with FQDN vcloud.example.com, enter vcloud.example.com:8443.

      The vCloud Director Web Console uses the console proxy address when opening a remote console window on a VM.

  6. To save your changes, click Apply.