| Managing the Node API | |
Editing aspera.conf for your node configuration.
In your aspera.conf file, use the <server> section (shown below) to configure your node machines. The aspera.conf file is found in the following location:
| OS Version | File Location |
|---|---|
| 32-bit Windows | C:\Program Files (x86)\Aspera\Point-to-Point\etc\aspera.conf |
| 64-bit Windows | C:\Program Files\Aspera\Point-to-Point\etc\aspera.conf |
<server>
<server_name>your_hostname</server_name>
<!-- hostname or IP address -->
<http_port>9091</http_port>
<!-- integer (1 - 65535) -->
<https_port>9092</https_port>
<!-- integer (1 - 65535) -->
<enable_http>false</enable_http>
<!-- true | false -->
<enable_https>true</enable_https>
<!-- true | false -->
<cert_file> <!-- full path; .chain file same /path/filename -->
C:\Program Files\Aspera\Enterprise Server\etc\aspera_server_cert.pem
</cert_file>
<max_response_entries>1000</max_response_entries>
<!-- max entries to return in response -->
<max_response_time_sec>10</max_response_time_sec>
<!-- max seconds to wait for long operation -->
<db_dir>C:\Program Files\Aspera\Enterprise Server\var</db_dir>
<!-- path to dir where DB file will be saved -->
<db_port>31415</db_port>
<!-- integer (1 - 65535) -->
<enable_sslv2>true</enable_sslv2>
<!-- boolean true or false -->
<ssl_ciphers>TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:...</ssl_ciphers>
<!-- ssl_ciphers: see full default list in table below -->
<ssl_protocol>sslv23</ssl_protocol>
<!-- sslv3, sslv23, tlsv1, tlsv1.1, or tlsv1.2 -->
</server>
| Setting | Description | Default Value | To Activate Changes... |
|---|---|---|---|
| <server_name> | Hostname or IP address. | hostname | Restart node service |
| <http_port> | HTTP service port. | 9091 | Restart node service |
| <https_port> | HTTPS service port. | 9092 | Restart node service |
| <enable_http> | Enable HTTP for the Node API services. | false | Restart node service |
| <enable_https> | Enable HTTPS for the Node API services. | true | Restart node service |
| <cert_file> | Full pathname of SSL certificate (.pem and existing support for .chain). | C:\Program Files [(x86)]\Aspera\Point-to-Point\etc\aspera_server_cert.pem | Restart node service |
| <max_response_entries> | Maximum number of entries to return in a response.. | 1000 | Reload node configuration. |
| <max_response_time>s | Maximum amount of time to wait for a long-running operation. | 10 | Reload node configuration. |
| <db_dir> | Path to the directory where the database file is saved. Before changing this value, you should back up your database. See Redis DB Backup/Restore. | C:\Program Files [(x86)]\Aspera\Point-to-Point\var | Restart the node and DB services. |
| <db_port> | Database service port. Before changing this value, you should back up your database. See Redis DB Backup/Restore. | 31415 | Restart the node and DB services. |
| <ssl_ciphers> | The SSL encryption ciphers that the server will allow, each separated by a colon
(:). This option may also be set in the <client> section,
in which case, when this machine functions as a client, the specified ciphers
are requests to the server. If any of the ciphers in the server's allow list
coincide with those in the client's request list, communication is allowed;
otherwise it is denied. If you override this setting, the override is always used. However, if you do not override it, the default setting depends on the settings for <ssl_protocol>. If <ssl_protocol> is set to sslv23, then a large, relatively weak selection of suites is allowed. If the protocol is anything else, then a smaller, stronger selection of suites is allowed. Many older web browsers cannot handle the stronger set of suites, in which case you may encounter compatibility issues. |
All of the following:
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA DHE-RSA-AES256-SHA DHE-DSS-AES256-SHA AES256-SHA AES128-SHA256 DHE-RSA-AES128-SHA DHE-DSS-AES128-SHA RC2-CBC-MD5 |
Restart node service. |
| <ssl_protocol> | The SSL protocol versions that the server will allow. This option may also be set in
the <client> section, in which case, when this machine is a client,
the specified protocols function as requests to the server. If any of the
protocols in the server's allow list coincide with those in the client's request
list, communication is allowed; otherwise it is denied. Supported values: sslv3, tlsv1, tlsv1.1, tlsv1.2, and sslv23. Despite its name, specifying sslv23 (the default) allows all supported protocols, including all TLS versions. |
sslv23 | Restart node service. |
| <enable_sslv2> | Setting to true (default) enables SSLv2. If <ssl_protocol> is not set (or is explicitly set to its default sslv23), setting <enable_sslv2> to false allows only SSLv3 and TLSv1.x—that is, all protocols except SSLv2. If <ssl_protocol> is set to any value other than sslv23, settings for <enable_sslv2> settings have no effect. | true | Restart node service. |
> sc stop asperanoded > sc start asperanoded
> asnodeadmin.exe --reload
> sc stop asperanoded > asnodeadmin.exe --db-shutdown > sc start asperanoded