VMware

vSphere VCSA: Cannot add a (http) https proxy

Leave a comment


Hi,

with the VCSA Gui it is not possible to to enter a http proxy for https target URLs. An error: HTTPS Cannot connect to proxy server occurs.

The most linux tools accept http URLs in the HTTPS_PROXY variable and this also works with the VCSA.

It’s possible to bypass this check. Open a ssh connection and edit the file /etc/sysconfig/proxy and set HTTP_PROXY und HTTPS_PROXY.

# Enable a generation of the proxy settings to the profile.
# This setting allows to turn the proxy on and off while
# preserving the particular proxy setup.
#
PROXY_ENABLED="yes"

# Some programs (e.g. wget) support proxies if set in
# the environment.
# Example: HTTP_PROXY="http://proxy.provider.de:3128/"
HTTP_PROXY="http://myProxy.myDomain.org:8081"

# Example: HTTPS_PROXY="https://proxy.provider.de:3128/"
HTTPS_PROXY="http://myProxy.myDomain.org:8081"

# Example: FTP_PROXY="http://proxy.provider.de:3128/"
FTP_PROXY=""

# Example: GOPHER_PROXY="http://proxy.provider.de:3128/"
GOPHER_PROXY=""

# Example: SOCKS_PROXY="socks://proxy.example.com:8080"
SOCKS_PROXY=""

# Example: SOCKS5_SERVER="office-proxy.example.com:8881"
SOCKS5_SERVER=""

# Example: NO_PROXY="www.me.de, do.main, localhost"
NO_PROXY="localhost, 127.0.0.1,.*myDomain.org,10.200.10.0/24"

save the file and reboot the VCSA appliance.

IMPORTEND: When setting https_proxy I highly recommend to also set the NO_PROXY variable because vCenter will try to reach some services of the ESXi host via proxy. This will usually fail. At your domains in the RegEx (.*.myDomain.org) syntax and also add your local subnets. See example config above. Otherwise you get some unexspected behaviours. For example the import of an OVF tempate fails with error: ThrowableProxy.cause A general system error occurred: Transfer failed: Invalid response code: 502, note that HTTP/s proxy is configured for the transfer.

Michael

Leave a Reply Cancel reply