banner
moeyy

moeyy

一条有远大理想的咸鱼。
github
mastodon
email
HomeArchivesNextJS BlogApps

How to connect Aria2 using Https/WebSocket (secure) protocol with AriaNg

235
AI Translation
This post is translated from Chinese into English through AI.View Original
AI-generated summary
The document provides a guide on how to connect AriaNg to Aria2 using HTTPS/WebSocket for secure communication. It emphasizes the need for an SSL certificate when accessing AriaNg via an HTTPS domain. The steps include: 1. **Applying for an SSL Certificate**: If the server already has an HTTPS site, this step can be skipped. Otherwise, a domain must be pointed to the Aria2 server, and an SSL certificate can be obtained using various methods, such as through the Baota panel or Caddy. 2. **Modifying the Configuration File**: The Aria2 configuration file (`aria2.conf`) needs to be edited to enable SSL/TLS encryption and specify the paths to the SSL certificate and private key. After making these changes, Aria2 should be restarted to apply the new settings. Once configured, users can connect to Aria2 using HTTPS and WebSocket securely by entering the domain and key in the AriaNg settings.

Note: AriaNg is considered by the author to be the best Web front-end panel for Aira2, supporting Http(s) or Websocket(Security) protocols. If we access the AriaNg panel using an https domain, it will force you to use Https and Websocket (secure) protocols. The earliest panels did not enforce this, but if you use it, you should definitely use the latest version. At this point, you need to configure a certificate for Aria2 simply, and then you can connect using Https and Websocket (secure) protocols. Here’s how to do it.

Method#

1. Apply for an SSL Certificate

Tip: If the server where Aria2 is installed already has an existing HTTPS site, you can skip this step and directly use that site's domain name.

First, resolve a domain name to the server where Aria2 is installed, and then apply for SSL as follows:

1. Baota Panel: Left side website - Add site - Site settings - SSL - Apply for Let's Encrypt.
2. LNMP installation package: When adding a domain using commands, there is an option to apply for SSL.

If the server only has Aria2 installed or does not have a Web environment, you can use Caddy to apply for it using the command:

# Install Caddy
curl https://getcaddy.com | bash -s personal
# Apply for SSL, modify the following to your own domain and email
caddy -host www.moeyy.cn -email [email protected] -agree

Note that for CentOS systems, you also need to open port 80, otherwise, using Caddy to issue a certificate will fail. Open it as follows:

# CentOS 6
iptables -I INPUT -p tcp --dport 80 -j ACCEPT
service iptables save
service iptables restart

# CentOS 7
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reload

The path of the SSL certificate after successful application is as follows:

# Specific to your own domain
/root/.caddy/acme/acme-v02.api.letsencrypt.org/sites/www.moeyy.cn

You will find the crt and key certificate files for the domain.

2. Modify the Configuration File
Edit the Aria2 configuration file aria2.conf. If you do not know the path, you can use the command to find it:

find / -name aria2.conf

Modify as follows:

# Whether to enable SSL/TLS encryption for RPC service
rpc-secure=true
# Path to the crt certificate file for the applied domain, modify as needed
rpc-certificate=/home/www.moeyy.cn.crt
## Path to the key certificate file for the applied domain, modify as needed
rpc-private-key=/home/www.moeyy.cn.key

If the configuration file does not have the above parameters, you can manually add them. After modification, restart Aria2 to take effect. At this point, both Https and Websocket (secure) protocols can be used, and when configuring RPC information in AriaNg, simply fill in the domain and key.

Loading...
Ownership of this post data is guaranteed by blockchain and smart contracts to the creator alone.