How to Configure SSL Timeout on an ESXi Host

You can configure SSL timeout periods for two types of idle connections:

  • The Read Timeout setting applies to connections that have completed the SSL handshake process with port 443 of ESXi.
  • The Handshake Timeout setting applies to connections that have not completed the SSL handshake process with port 443 of ESXi.

Both of these timeout values are set in milliseconds. In order to change the timeouts you need to log onto the ESXi hosts console and edit the config.xml file, which can be found in /etc/vmware/hostd:

The two settings to be changed are  ‘readTimeoutMs’ and ‘handshakeTimeoutMs’. For example, to set the Read Timeout to 20 seconds: <readTimeoutMs>20000</readTimeoutMs>.

Once you have changed the setting(s), you will need to restart the hostd process:

/etc/init.d/hostd restart

Useful Links and Resources

vSphere Security Guide

Related posts

VMware vSphere Virtual Machine Snapshots Explained

How to Enable SSH on All ESXi Hosts using PowerCLI

How to Install VMware Tools on Debian 11

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Read More