vSphere Host Client

 View Only
  • 1.  Does this support using behind a reverse proxy?

    Posted Sep 16, 2015 01:36 PM

    Does this support being hosted behind an nginx/apache reverse proxy?

    I've tested it and it doesn't seem to work...



  • 2.  RE: Does this support using behind a reverse proxy?

    Broadcom Employee
    Posted Sep 16, 2015 11:04 PM

    There are some issues with reverse proxy and the assumptions about which URLs can be accessed absolutely.

    See the feedback page on the Fling site for a bit of analysis and a possible workaround.

    https://labs.vmware.com/flings/esxi-embedded-host-client#comment-538363



  • 3.  RE: Does this support using behind a reverse proxy?

    Posted Oct 17, 2015 06:06 PM

    Yes, this works fully with an Apache reverse proxy. This is my Apache config to make it all work:

    <VirtualHost *:443>

        ServerName esxi.example.com

        ServerAlias esxi

        SSLEngine On

        SSLCertificateFile /etc/ssl/certs/example.crt

        SSLCertificateKeyFile /etc/ssl/private/example.key

        SSLCertificateChainFile /etc/ssl/certs/sub.class2.server.ca.pem

        SSLProxyEngine On

        SSLProxyCACertificateFile /etc/ssl/certs/example.crt

        ProxyRequests Off

        ProxyPreserveHost On

        RewriteEngine on

        ProxyPass /sdk/ https://esxi/sdk/

        ProxyPassReverse /sdk/ https://esxi/sdk/

        ProxyPass /ticket/ wss://esxi/ticket/

        ProxyPassReverse /ticket/ wss://esxi/ticket/

        ProxyPassMatch ^(/screen.*)$ https://esxi.example.com$1

        ProxyPass / https://esxi/ui/ retry=1 keepalive=On

        ProxyPassReverse / https://esxi/ui/

        RequestHeader set X-Forwarded-HTTPS "0"

        CustomLog ${APACHE_LOG_DIR}/access_vmware.log combined

    </VirtualHost>



  • 4.  RE: Does this support using behind a reverse proxy?

    Posted Aug 07, 2016 09:16 PM

    Hi, this configuration didn't worked for me. I ended using these directives instead:

    RewriteEngine On
    RewriteCond %{REQUEST_URI} ^/ticket [NC,OR]
    RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR]
    RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC]
    RewriteRule .* wss://ip_address_or_server_name%{REQUEST_URI} [P,QSA,L]
    RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
    RewriteRule .* https://ip_address_or_server_name%{REQUEST_URI} [P,QSA,L]

    <Location /ticket>
    Require all granted
    ProxyPassReverse wss://ip_address_or_server_name/ticket
    ProxyPassReverseCookieDomain ip_address_or_server_name esx01.hostname.test
    </Location>

    <Location />
    Require all granted
    ProxyPassReverse https://ip_address_or_server_name/
    ProxyPassReverseCookieDomain ip_address_or_server_name esx01.hostname.test
    </Location>

    Also, please note you need to enable mod_proxy_wstunnel.



  • 5.  RE: Does this support using behind a reverse proxy?

    Posted Aug 26, 2016 08:28 AM

    Hello, can you post the entire config used for virtual host?

    i get HTTP Status 400 - Unable to process request



  • 6.  RE: Does this support using behind a reverse proxy?

    Posted Aug 26, 2016 08:30 AM

    not working ;

    i have esxi 6



  • 7.  RE: Does this support using behind a reverse proxy?

    Posted Sep 22, 2017 11:45 PM

    After 3 hours of hard work... below configuration worked fine for me. Hope it can help you too.

    I am using:

    • ESXi 6.5 u1 on Dell server
    • Apache 2.4.27 on windows 10 (WAMP Server 3.0.9 64bit)
    • Tested in Microsoft Edge & Chrome Version 61.0.3163.91 (Official Build) (64-bit)

    Virtual Host Settings:

    <VirtualHost *:443>

    ServerName esx1.YourServer.com

    SSLEngine On

    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

    SSLCertificateFile "${INSTALL_DIR}/Cert/esx1.YourServer.com.crt"

    SSLCertificateKeyFile "${INSTALL_DIR}/Cert/esx1.YourServer.com.key"

    ##SSLCACertificateFile "${INSTALL_DIR}/Cert/intermediate.key"

    SSLProxyEngine on

    SSLProxyVerify none

    SSLProxyCheckPeerCN off

    SSLProxyCheckPeerName off

    SSLProxyCheckPeerExpire off

    ProxyRequests Off

    ProxyPreserveHost Off  

    RequestHeader set "X-Forwarded-Proto" "https"

    ProxyPass / https://192.168.1.101:443/

    ProxyPassReverse / https://192.168.1.101:443/

    </VirtualHost>