WilliamLam.com

  • About
    • About
    • Privacy
  • VMware Cloud Foundation
  • VKS
  • Homelab
    • Resources
    • Nested Virtualization
  • VMware Nostalgia
  • Apple
You are here: Home / ESXi / Quick Tip - Changing default port for HTTP Reverse Proxy on both vCenter Server & ESXi

Quick Tip - Changing default port for HTTP Reverse Proxy on both vCenter Server & ESXi

10.27.2015 by William Lam // 11 Comments

If you decide to use a custom port for the HTTP Reverse Proxy (rhttpproxy) on vCenter Server which uses port 80 (HTTP) and 443 (HTTPS) by default, you should also apply the same change on all ESXi hosts being managed by that vCenter Server for proper functionality. The configuration files for the rhttpproxy has since changed from the early days of vSphere 5.x and in vSphere 6.x, there are now different.

UPDATE (04/27/18) - With release of vSphere 6.7, VMware now officially supports customizing the Reverse HTTP(s) Ports on the VCSA. Below is a screenshot using the VCSA Installer UI and this can also be customized in the JSON configuration file using the VCSA CLI Installer for automation purposes.

Below are the instructions for modifying the default ports for rhttproxy service for both Windows vCenter Server, vCenter Server Appliance (VCSA) and ESXi host.

Note: If you change the default ports of your vCenter Server, you will need to ensure that all VMware/3rd Party products that communicate with vCenter Server are also modified.

vCenter Server for Windows

On Windows, you will need to modify C:\ProgramData\VMware\vCenterServer\cfg\vmware-rhttpproxy\config.xml and look for the following lines to change either the HTTP and/or HTTPs ports:

<httpPort>80</httpPort>
<httpsPort>443</httpsPort>

Once you have saved the changes, you will need to restart the VMware HTTP Reverse Proxy service using Windows Services Manager.

vCenter Server Appliance (VCSA)

On the VCSA, you will need to modify /etc/vmware-rhttpproxy/config.xml and look for the following lines to change either the HTTP and/or HTTPs ports:

<httpPort>80</httpPort>
<httpsPort>443</httpsPort>

Once you have saved the changes, you will need to restart the rhttpproxy service by running the following command:

/etc/init.d/rhttpproxy restart

ESXi

Disclaimer: VMware does not officially support modifying the default HTTP/HTTPS ports on an ESXi host.

Pre-ESXi 8.0 - Use the following instructions:

On ESXi, you will need to modify /etc/vmware/rhttpproxy/config.xml and look for the following lines to change either the HTTP and/or HTTPs ports:

<httpPort>80</httpPort>
<httpsPort>443</httpsPort>

Once you have saved the changes, you will need to restart the rhttpproxy service by running the following command:

/etc/init.d/rhttpproxy restart

  • For ESXi 8.0 - Please see Changing the default HTTP(s) Reverse Proxy Ports on ESXi 8.0 for updated instructions
  • For ESXi 8.0 Update 1 and later - Please see Changing the default HTTP(s) Reverse Proxy Ports on ESXi 8.0 Update 1 for updated instructions

More from my site

  • How to change the default ports on the vCenter Server Appliance in vSphere 6.0?
  • Building minimal vSphere demo lab using VMware Fusion/Workstation with only 8GB memory?
  • Which Platform Services Controller (PSC) is my vCenter Server pointing to?
  • Tech Preview of Windows VC to VCSA Migration at VMworld
  • VMworld Session VCSA INF5975 & INF4528 available to public

Categories // ESXi, VCSA, vSphere, vSphere 6.0 Tags // ESXi, reverse proxy, rhttpproxy, vCenter Server, vcenter server appliance, VCSA, vcva

Comments

  1. *protectedJason Fenech says

    01/27/2016 at 1:45 am

    Hi Will,

    I tried this on a nested ESXi 6 host and once the https port is changed running any esxcli command results in a connection failure.

    Here's the updated section in config.xml


    /etc/vmware/rhttpproxy/endpoints.conf


    80


    4443

    And here's the console's output;

    [root@localhost:/etc/vmware/rhttpproxy] /etc/init.d/rhttpproxy restart
    watchdog-rhttpproxy: Terminating watchdog process with PID 36328
    VMware HTTP reverse proxy stopped.
    VMware HTTP reverse proxy started.
    [root@localhost:/etc/vmware/rhttpproxy] esxcli
    Connect to localhost failed: Connection failure.

    Changing it back to 443 reestablishes normal functionality.

    Any ideas why it won't work?

    Incidentally I tried it on ESX 5.0 and it works fine even though you need to allow the updated port through the firewall by adding a rule to /etc/vmware/firewall/service.xml. (http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1021199)

    Also, if I may, would you happen to know if the same procedure can be carried out on ESXi 5.1 and 5.5? I'm carrying out some testing on behalf of clients and I failed to find any reference or other posts which provide an answer.

    Thanks

    Jason

    Reply
  2. *protectedJason Fenech says

    01/27/2016 at 1:50 am

    {proxy}
    {!-- default location of the proxy config file --}
    {endpoints}/etc/vmware/rhttpproxy/endpoints.conf{/endpoints}

    {!-- HTTP port to be used by the reverse proxy --}
    {httpPort}80{/httpPort}

    {!-- HTTPS port to be used by the reverse proxy --}
    {httpsPort}4443{/httpsPort}
    {/proxy}

    reposting config.xml bit using curly brackets instead ...

    Reply
  3. *protectedblacksharkmedia says

    06/14/2016 at 3:53 am

    For ESXi it doesn't work, the esxicli network will show nothing, the rhttpproxy restarts just fine but the ESXi will become unavailable to connect even on local lan

    Reply
  4. *protectedMarcos Eduardo Ricchetti says

    11/18/2016 at 7:56 am

    Man. Tks a LOT !!

    Reply
  5. *protectedAndrew says

    11/24/2016 at 4:39 am

    So are we saying that if you change the https port you can no longer connect to the host on LAN? I've chnaged the https port in the: /etc/vmware-rhttpproxy/config.xm file to 4443 and in the VpxClient.exe.config file on my laptop to 4443 and I am unable to connect to the host via the vShpere client...this is all pointless...all I want to do is connect to it from the office and home and 443 is busy for me on my external firewall....any ideas anyone?? Many thanks Andrew

    Reply
  6. *protectedMartin Yates says

    11/30/2016 at 5:19 am

    Hi Andrew - I cant help, but I am seeking the steps to do the same thing on 5.5 ESx ! I have a VM host at home and I have got the following to work :
    WIndows vSphere client on 443 -> hits my router - router has port forwarding 443 set to -> VMWare host ip.

    Now, I want to use 443 for Exchange, to setup active synch etc, so i want to change the ports for accessing my VMhost.

    Yes I got as far as finding the config file at /etc/vmware/config.xml

    I access my server with Putty -
    I can add lines to this file to change the ports, but I cant save it - it says the file is read only. I found a KB saying I need to copy the file, edit it, and then save it back ! This can apparently be done with "vifs" in the console.

    But I cant find "vifs" - is it part of the console commands in 5.5?

    Reply
  7. *protectedMartin Yates says

    11/30/2016 at 8:36 am

    just to rectify my typo in the abovethe above, the config file is held at

    /etc/vmware/hostd.config.xml

    Reply
  8. *protectedSatendra says

    09/04/2018 at 12:04 am

    thanks for posting, it's very helpful & success. after changes prot VC is working fine.

    Reply
    • *protectedSatendra says

      09/04/2018 at 12:06 am

      C:\ProgramData\VMware\vCenterServer\cfg\vmware-rhttpproxy\config.xml

      go through this path & changes.

      Reply
  9. *protectedBruce says

    02/26/2019 at 7:27 pm

    Hi,
    If I changed http 80 to others. esxcli will not work and shows IO error.
    If any available method to solve this problem.

    Reply
    • *protectedAgnes says

      03/22/2019 at 12:10 am

      Even I am seeing the same behavior

      Reply

Thanks for the comment!Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Search

Thank Author

Author

William is Distinguished Platform Engineering Architect in the VMware Cloud Foundation (VCF) Division at Broadcom. His primary focus is helping customers and partners build, run and operate a modern Private Cloud using the VMware Cloud Foundation (VCF) platform.

Connect

  • Bluesky
  • Email
  • GitHub
  • LinkedIn
  • Mastodon
  • Reddit
  • RSS
  • Twitter
  • Vimeo

Recent

  • Programmatically accessing the Broadcom Compatibility Guide (BCG) 05/06/2025
  • Quick Tip - Validating Broadcom Download Token  05/01/2025
  • Supported chipsets for the USB Network Native Driver for ESXi Fling 04/23/2025
  • vCenter Identity Federation with Authelia 04/16/2025
  • vCenter Server Identity Federation with Kanidm 04/10/2025

Advertisment

Privacy & Cookies: This site uses cookies. By continuing to use this website, you agree to their use.
To find out more, including how to control cookies, see here: Cookie Policy

Copyright WilliamLam.com © 2025

 

Loading Comments...