If you decide to use a custom port for the HTTP Reverse Proxy (rhttpproxy) on vCenter Server which uses port 80 (HTTP) and 443 (HTTPS) by default, you should also apply the same change on all ESXi hosts being managed by that vCenter Server for proper functionality. The configuration files for the rhttpproxy has since changed from the early days of vSphere 5.x and in vSphere 6.x, there are now different.

Below are the instructions for modifying the default ports for rhttproxy service for both Windows vCenter Server, vCenter Server Appliance (VCSA) and ESXi host.

Note: If you change the default ports of your vCenter Server, you will need to ensure that all VMware/3rd Party products that communicate with vCenter Server are also modified.

vCenter Server for Windows

On Windows, you will need to modify C:\ProgramData\VMware\vCenterServer\cfg\vmware-rhttpproxy\config.xml and look for the following lines to change either the HTTP and/or HTTPs ports:

<httpPort>80</httpPort>
<httpsPort>443</httpsPort>

Once you have saved the changes, you will need to restart the VMware HTTP Reverse Proxy service using Windows Services Manager.

vCenter Server Appliance (VCSA)

On the VCSA, you will need to modify /etc/vmware-rhttpproxy/config.xml and look for the following lines to change either the HTTP and/or HTTPs ports:

<httpPort>80</httpPort>
<httpsPort>443</httpsPort>

Once you have saved the changes, you will need to restart the rhttpproxy service by running the following command:

/etc/init.d/rhttpproxy restart

ESXi

On ESXi, you will need to modify /etc/vmware/rhttpproxy/config.xml and look for the following lines to change either the HTTP and/or HTTPs ports:

<httpPort>80</httpPort>
<httpsPort>443</httpsPort>

Once you have saved the changes, you will need to restart the rhttpproxy service by running the following command:

/etc/init.d/rhttpproxy restart

3 thoughts on “Quick Tip - Changing default port for HTTP Reverse Proxy on both vCenter Server & ESXi

  1. Hi Will,

    I tried this on a nested ESXi 6 host and once the https port is changed running any esxcli command results in a connection failure.

    Here’s the updated section in config.xml


    /etc/vmware/rhttpproxy/endpoints.conf


    80


    4443

    And here’s the console’s output;

    [root@localhost:/etc/vmware/rhttpproxy] /etc/init.d/rhttpproxy restart
    watchdog-rhttpproxy: Terminating watchdog process with PID 36328
    VMware HTTP reverse proxy stopped.
    VMware HTTP reverse proxy started.
    [root@localhost:/etc/vmware/rhttpproxy] esxcli
    Connect to localhost failed: Connection failure.

    Changing it back to 443 reestablishes normal functionality.

    Any ideas why it won’t work?

    Incidentally I tried it on ESX 5.0 and it works fine even though you need to allow the updated port through the firewall by adding a rule to /etc/vmware/firewall/service.xml. (http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1021199)

    Also, if I may, would you happen to know if the same procedure can be carried out on ESXi 5.1 and 5.5? I’m carrying out some testing on behalf of clients and I failed to find any reference or other posts which provide an answer.

    Thanks

    Jason

  2. {proxy}
    {!– default location of the proxy config file –}
    {endpoints}/etc/vmware/rhttpproxy/endpoints.conf{/endpoints}

    {!– HTTP port to be used by the reverse proxy –}
    {httpPort}80{/httpPort}

    {!– HTTPS port to be used by the reverse proxy –}
    {httpsPort}4443{/httpsPort}
    {/proxy}

    reposting config.xml bit using curly brackets instead …

  3. For ESXi it doesn’t work, the esxicli network will show nothing, the rhttpproxy restarts just fine but the ESXi will become unavailable to connect even on local lan

Thanks for the comment!