How to disable SSL and redirect to port 8333 VMWare Server 2.0
This article describes how to disable SSL protocol and redirect to port 8333 in VMware Server 2.0 in Linux
By default there are two ways in order to log-in to the VMware console; either using SSL connection (port 8333) or without it (port 8222). However logging without SSL is only allowed from a localhost on which wmvare server is being installed. Every connection attempt from a remote host to the VMware console on port 8222 (http://hostname:8222/ui) will end up with redirection to SSL channel on port 8333 (https://hostname:8333/ui).
To disable SSL communication (only for test or better performance purposes) and let the users to login via http protocol from a remote hosts we have to modify “proxy.xml” file located in /etc/vmware/hostd/ directory.Here’s how to do this:
- Shut down the vmware server; as a root user “/etc/init.d/vmware stop ; /etc/init.d/vmware-mgmt stop”
- Do a copy of an existing proxy.xml file and modify proxy.xml file as follows:
A default proxy.xml file should look like this:
user@host:~$ cat /etc/vmware/hostd/proxy.xml_bak <ConfigRoot> <httpPort>8222</httpPort> <httpsPort>8333</httpsPort> <EndpointList> <_length>5</_length> <_type>vim.ProxyService.EndpointSpec[]</_type> <e id="0"> <_type>vim.ProxyService.NamedPipeServiceSpec</_type> <accessMode>httpAndHttps</accessMode> <pipeName>/var/run/vmware/proxy-webserver</pipeName> <serverNamespace>/</serverNamespace> </e> <e id="1"> <_type>vim.ProxyService.LocalServiceSpec</_type> <accessMode>httpsWithRedirect</accessMode> <port>8307</port> <serverNamespace>/sdk</serverNamespace> </e> <e id="2"> <_type>vim.ProxyService.LocalServiceSpec</_type> <accessMode>httpsWithRedirect</accessMode> <port>8308</port> <serverNamespace>/ui</serverNamespace> </e> <e id="3"> <_type>vim.ProxyService.NamedPipeServiceSpec</_type> <accessMode>httpsOnly</accessMode> <pipeName>/var/run/vmware/proxy-vpxa</pipeName> <serverNamespace>/vpxa</serverNamespace> </e> <e id="4"> <_type>vim.ProxyService.NamedPipeServiceSpec</_type> <accessMode>httpsWithRedirect</accessMode> <pipeName>/var/run/vmware/proxy-mob</pipeName> <serverNamespace>/mob</serverNamespace> </e> </EndpointList> </ConfigRoot>
To disable SSL, replace all occurrences of the values “httpsWithRedirect” to “httpAndHttps”
user@host:/etc/vmware/hostd$ cat proxy.xml <ConfigRoot> <httpPort>8222</httpPort> <httpsPort>8333</httpsPort> <EndpointList> <_length>5</_length> <_type>vim.ProxyService.EndpointSpec[]</_type> <e id="0"> <_type>vim.ProxyService.NamedPipeServiceSpec</_type> <accessMode><strong>httpAndHttps</strong></accessMode> <pipeName>/var/run/vmware/proxy-webserver</pipeName> <serverNamespace>/</serverNamespace> </e> <e id="1"> <_type>vim.ProxyService.LocalServiceSpec</_type> <accessMode>httpAndHttps</accessMode> <port>8307</port> <serverNamespace>/sdk</serverNamespace> </e> <e id="2"> <_type>vim.ProxyService.LocalServiceSpec</_type> <accessMode><strong>httpAndHttps</strong></accessMode> <port>8308</port> <serverNamespace>/ui</serverNamespace> </e> <e id="3"> <_type>vim.ProxyService.NamedPipeServiceSpec</_type> <accessMode><strong>httpAndHttps</strong></accessMode> <pipeName>/var/run/vmware/proxy-vpxa</pipeName> <serverNamespace>/vpxa</serverNamespace> </e> <e id="4"> <_type>vim.ProxyService.NamedPipeServiceSpec</_type> <accessMode><strong>httpAndHttps</strong></accessMode> <pipeName>/var/run/vmware/proxy-mob</pipeName> <serverNamespace>/mob</serverNamespace> </e> </EndpointList> </ConfigRoot>
3. Start up vmware services; /etc/init.d/vmware start ; /etc/init.d/vmware-mgmt start
Troubleshooting:
- Sometimes it is required to re-run vmware configuration script: /usr/bin/vmware-config.pl
- When running a configuration script, keep the current configuration – do not replace it with the a new one being proposed by the configuration script.
Cheers!!
