Nginx + Letsencrypt + Aria2

Most websites support HTTPS now, so I decided to reconfigure my download server for HTTPS over the weekend and update aria2 to the latest version.

Components:

  • VPS
    • OpenVZ VPS
  • OS
    • Debian 9.12
    • Kernel 2.6.32
  • Software
    • aria2 1.35.0
    • AriaNg 1.1.4
    • Letsencrypt/certbot 0.28.0
    • Nginx 1.10.3

1. Static build aria2

1.1 Download aria2 source code

The latest aria2 release, v1.35.0, is available from GitHub.

1.2 Install dependencies

* Caution
It seems that libgnutls is *NOT* compatible with aria2; it caused the error:
**/usr/bin/ld: cannot find -lp11-kit**

1.2.1 Remove libgnutls

# apt remove --purge libgnutls30 libgnutls28-dev

1.2.2 Install necessary packages

# apt install -y libcurl4-openssl-dev libevent-dev ca-certificates libssl-dev pkg-config \
build-essential intltool libgcrypt-dev libssl-dev libxml2-dev libc-ares-dev libssl-dev \
libsqlite3-dev lzma liblzma-dev libicu-dev zlib1g-dev

1.3 Compile aria2 source code

$ cd aria2
$ autoreconf -i
$ ./configure ARIA2_STATIC=yes
$ make
# make install

This installs aria2c to /usr/local/bin.

2. Install nginx and AriaNg

2.1 Install nginx

# apt install nginx

2.2 Download AriaNg

The latest AriaNg is available from GitHub. Here I use the AriaNg-1.1.4.zip file.

After decompressing the zip file, move the whole directory to /var/www:

# mv AriaNg /var/www/ariang

2.3 Configure an Nginx server conf file

Create the configuration file /etc/nginx/sites-available/ariang with the following content:

server {
    server_name <your-domain>;
    location / {
        root /var/www/ariang;
    }
}

Enable this website by creating a symbolic link:

# cd /etc/nginx/sites-enabled
# ln -s /etc/nginx/sites-available/ariang .

Restart the nginx server, and you should see the website online.

# systemctl restart nginx

3. Enable HTTPS by certbot (Let’s Encrypt)

# apt-get install certbot python-certbot-nginx
# certbot --nginx

Now the ariang configuration file has been modified by certbot:

server {
    server_name <your-domain>;
    location / {
        root /var/www/ariang;
    }


    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/<your-domain>/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/<your-domain>/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
    if ($host = <your-domain>) {
        return 301 https://$host$request_uri;
    } # managed by Certbot


    server_name <your-domain>;
    listen 80;
    return 404; # managed by Certbot


}

Restart nginx service:

# systemctl restart nginx

It is a good idea to test automatic renewal:

# certbot renew --dry-run

4. Enable certificate for aria2

A detailed aria2.conf file is available in the post "Accessing aria2 on a Raspberry Pi behind NAT via frp".

Simply insert these lines:

rpc-secure=true

rpc-certificate=/etc/letsencrypt/live/<your-domain>/fullchain.pem

rpc-private-key=/etc/letsencrypt/live/<your-domain>/privkey.pem

Then restart aria2:

# aria2c --conf-path=$HOME/aira2/aria2.conf
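The three rpc-* lines above only help if the account that starts aria2c can read both files, and the key under /etc/letsencrypt/live is typically readable only by root. The following check is an added example, not part of the original post; conf_get, check_aria2_rpc_tls and demo are hypothetical helper names, and it assumes it is run as the same account that runs aria2c:

```sh
#!/bin/sh
# Added example (not from the original post): check the TLS lines of an aria2.conf.
# conf_get, check_aria2_rpc_tls and demo are hypothetical helper names.

# Print the value of option $2 in config file $1 (last uncommented occurrence).
conf_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" | tail -n 1
}

# Print each problem found and return the number of problems (0 = all good).
check_aria2_rpc_tls() {
    conf=$1; problems=0
    [ -r "$conf" ] || { echo "cannot read $conf"; return 1; }
    if [ "$(conf_get "$conf" rpc-secure)" != "true" ]; then
        echo "rpc-secure is not true: RPC is served without TLS"
        problems=$((problems + 1))
    fi
    for opt in rpc-certificate rpc-private-key; do
        path=$(conf_get "$conf" "$opt")
        if [ -z "$path" ]; then
            echo "$opt is not set"
            problems=$((problems + 1))
        elif [ ! -r "$path" ]; then
            echo "$opt=$path is missing or not readable by $(id -un)"
            problems=$((problems + 1))
        fi
    done
    # The private key should not be readable by group or other (-L follows
    # the symlinks that certbot places in live/).
    key=$(conf_get "$conf" rpc-private-key)
    if [ -n "$key" ] && [ -e "$key" ] &&
       [ -n "$(find -L "$key" -prune \( -perm -040 -o -perm -004 \))" ]; then
        echo "$key is readable by group or other"
        problems=$((problems + 1))
    fi
    return "$problems"
}

# Constructed sample: a valid config whose key file has mode 644.
demo() {
    d=$(mktemp -d) || return 1
    : > "$d/fullchain.pem"; : > "$d/privkey.pem"; chmod 644 "$d/privkey.pem"
    printf 'rpc-secure=true\nrpc-certificate=%s\nrpc-private-key=%s\n' \
        "$d/fullchain.pem" "$d/privkey.pem" > "$d/aria2.conf"
    check_aria2_rpc_tls "$d/aria2.conf"; rc=$?
    rm -rf "$d"; return "$rc"
}

# Check the file given as $1, or run the constructed sample when none is given.
if [ $# -gt 0 ]; then check_aria2_rpc_tls "$1"; else demo || :; fi
```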

Now everything is OK! Have fun!
