vCenter 6.5 Web Client with UI Redirects

Dear all,

i am having again trouble with the vCenter VCSA 6.5.
I got a working set of a config file which does work. Yet not in the way i wanted it to.
This is my config so far.
    header / Strict-Transport-Security "max-age=31536000;"
    # This is for

log {{ caddy_log_path }}/access.log
errors {{ caddy_log_path }}/error.log
    # For debugging (shows errors to the client directly)
    # errors visible

tls {
    load {{ caddy_ssl_certificates_path }}

proxy /vsphere-client {
    without /vsphere-client

proxy / {
    # does not work with transparent because of internal sso rewrites 

What i want is also a transparent proxy in front also for the UI part.
The vsphere-client (Old, Flash) works perfectly this way.

No customer is seeing the URL of the VCSA itself.

While with the UI, it does some nasty internal rewrites with /saml/websso/sso or /websso/SAML2/SSO.
When i use “without /ui” it ends up in an invinite loop.

With filter or rewrite i was not lucky. Yet i think it did something very wrong.
All the few examples on docs or github are not really helpfull in this case.

Maybe you (the community) has any help on that front?

What i need is a transparent proxy also for the UI, so that our customers won’t see the URL of the vcsa.
Which is now the case. The working directly on the vcsa with this config for the UI.


This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.