Configuring HTTP and HTTPS Fallback

Configure HTTP/HTTPS Fallback via the Connect Server GUI or aspera.conf.

Print this page

HTTP Fallback serves as a secondary transfer method when the Internet connectivity required for Aspera accelerated transfers (i.e., UDP port 33001, by default) is unavailable. When HTTP Fallback is enabled and UDP connectivity is lost or cannot be established, the transfer will continue over the HTTP protocol. The instructions below walk through the process of setting up HTTP/HTTPS fallback. For additional information on configuring different modes and testing, please refer to the Aspera KB Article "HTTP fallback configuration, testing and troubleshooting."

NOTE ON FASPEX CONFIGURATION: Faspex Server requires HTTP Fallback configuration in both the Faspex Server Web GUI and Enterprise/Connect Server. For the case when the Faspex Web server and transfer server are on the same machine, Administrators typically do not need to modify their Enterprise/Connect Server settings, since running the command asctl faspex:setup configures them automatically. However, for the case when the Faspex Web server and transfer server are on different machines, Administrators must configure the transfer server and firewall ports in ONE of the following ways:

  • HTTP/HTTPS enabled and set to defaults (8080 + 8443) AND firewall port open on 8080/8443.
  • HTTP/HTTPS enabled and set to standard ports (80 + 443) AND firewall port open on 80/443.

Additionally, the transfer server's fallback settings must match Faspex's fallback settings; otherwise, Faspex will return a "Package creation failed" error. This includes ensuring that the transfer server has HTTP/HTTPS fallback enabled; and that (within the Web GUI) Faspex has Server > Transfer Options > Enable HTTP Fallback and Server > Security > Encrypt Transfers (for HTTPS fallback) turned on. For security, Aspera highly recommends using HTTPS fallback. If HTTPS fallback is enabled on the transfer server, then encrypted transfers must be enabled in the Faspex Web GUI.

NOTE ON ENCRYPTION-AT-REST: When a transfer falls back to the HTTP protocol, Encryption-at-Rest is no longer supported. If fallback occurs while downloading, then--despite entering a passphrase--the files will remain encrypted (i.e., enveloped). If HTTP Fallback occurs while uploading, then--despite entering a passphrase--the files will NOT be encrypted (i.e., enveloped).

NOTE ON HTTPD: Ensure that your HTTP daemon (Aspera HTTPD) is running with sufficient privileges, so that it can modify file ownership.

  1. (Within Faspex Server administrative interface) Turn on HTTP Fallback.

    Log into your Faspex Server's administrative interface and navigate to Server > Configuration > Transfer Options . Check Enable HTTP Fallback.

    Enable HTTP Fallback in admin interface
  2. Confirm your HTTP Fallback port number.

    To confirm your HTTP Fallback port number, run the following asctl command in a Terminal window:

    $ asctl faspex:http_fallback_port
  3. (Within the Connect Server GUI) Configure HTTP/HTTPS Fallback settings.

    You may configure HTTP/HTTPS Fallback in the Aspera Connect Server GUI or modify aspera.conf. To edit your settings within the GUI, launch Connect Server and go to Configuration > Global (tab in left pane) > HTTP Fallback (tab in right pane) .

    • Set Enable HTTP to true.
    • If you want to allow fallback over HTTPS, set Enable HTTPS to true.

    To change your HTTP Fallback settings within aspera.conf, navigate to the following directory:

    /opt/aspera/etc/aspera.conf

    Confirm the HTTP Fallback settings within aspera.conf as shown in the example below. enable_http should be set to true, while the value shown for http_port should match that which was displayed when you ran the command asctl faspex:http_fallback_port in Step 2 (default: 8080).

    <CONF version="2">
  ...
  <http_server>
    ...
    <enable_http>true</enable_http>     <!-- Enable HTTP -->
    ...
    <http_port>8080</http_port>         <!-- HTTP port -->
  ...
  </http_server>
</CONF>

    After modifying aspera.conf, run the following command (from Enterprise Server's bin directory) to validate your updated configuration file:

    $ /opt/aspera/bin/asuserdata -v

What do you do if you need to change your HTTP Fallback port number?

In the event that you need to modify your HTTP Fallback port number, please use the following asctl command (replacing <port> with your new port number):

$ asctl faspex:http_fallback_port <port>

IMPORTANT NOTE: Do not use this command if the Faspex Web application and your transfer server are on the same machine. If you modify the HTTP fallback port for this particular setup, HTTP fallback will fail because Apache is hard-coded to route traffic to asperahttpd on port 8080.