Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
[日本語]AMIMOTO + SSL(Let’s Encrypt)= HTTP/2
Search
Amimoto - Flexible Cloud WordPress Hosting
March 18, 2016
How-to & DIY
1.2k
0
Share
Embed
Copy iframe code
Copy JS code
Copy link
Start on current slide
[日本語]AMIMOTO + SSL(Let’s Encrypt)= HTTP/2
AMIMOTOへの Let’s Encrypt の導入方法
Amimoto - Flexible Cloud WordPress Hosting
March 18, 2016
More Decks by Amimoto - Flexible Cloud WordPress Hosting
See All by Amimoto - Flexible Cloud WordPress Hosting
[日本語] AMIMOTO-AMI Lineup
amimoto
0
180
EdgeCase - A speaker series by J2 Design
amimoto
0
380
Progress the system operation drastically with Cloud Automator — AMIMOTO side—
amimoto
0
210
[東京]Cloud_Automatorで攻めのシステム運用 AMIMOTO スタック編
amimoto
0
910
AMIMOTO Design Pattern + Server-less Architecture
amimoto
0
530
WooCommerce with Elasticsearch
amimoto
1
490
[日本語] WooCommerce with Elasticsearch
amimoto
0
270
Amazon CloudFront with AWS Certificate Manager
amimoto
0
230
WordPress with CloudFront + AMAZON RDS + S3
amimoto
1
720
Other Decks in How-to & DIY
See All in How-to & DIY
M5StickS3触ってXiaoZhiAI触ってみた #にぼし香 #iotlt
n0bisuke2
0
270
AWS Community/JAWS-UG Update - JAWS-UG 上越妙高支部リブート
awsjcpm
2
120
JAWS-UG/AWS Community Update - JAWS-UG栃木 #6
awsjcpm
0
130
JAWS-UGとAWS - JAWS-UG彩の国埼玉設立のお祝い
awsjcpm
2
730
[電子工作]クリップモーターをつくろう
oriontakemura
1
830
多摩ニュータウンを、 味わう
aokiplayer
2
700
猟銃所持許可を取ってみた
kenkino
2
170
How to make the Groovebox
asonas
2
2.3k
お前も同人作家にならないか? 技術系同人誌制作入門
arkw
3
110
The Definitive? Guide To Locally Organizing RubyKaigi
sylph01
9
3.9k
地方カンファレンスのスタッフしてて思うこと
yumechi
0
230
登壇資料を素早く作るための順番
kotomin_m
8
2.2k
Featured
See All Featured
Highjacked: Video Game Concept Design
rkendrick25
PRO
1
400
Designing Dashboards & Data Visualisations in Web Apps
destraynor
231
55k
The State of eCommerce SEO: How to Win in Today's Products SERPs - #SEOweek
aleyda
2
11k
Between Models and Reality
mayunak
4
360
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
128
56k
Deep Space Network (abreviated)
tonyrice
0
220
Bash Introduction
62gerente
615
220k
Navigating the moral maze — ethical principles for Al-driven product design
skipperchong
2
410
Lightning Talk: Beautiful Slides for Beginners
inesmontani
PRO
2
600
Lightning talk: Run Django tests with GitHub Actions
sabderemane
0
220
For a Future-Friendly Web
brad_frost
183
10k
What does AI have to do with Human Rights?
axbom
PRO
1
2.2k
Transcript
@Amimoto_Ami amimoto-ami.com AMIMOTO (HHVM) + SSLʢLet's Encryptʣ
SSL ূ໌ॻͱ
ূ໌ॻͷ༗ޮظݶ اۀͷॴࡏ ೝূہͷใ اۀ໊ SSL ূ໌ॻʹؚ·ΕΔใ
αΠτ͕SSL/TLS Λ͍ͬͯΔ͔Λݟ͚Δʹ
SSL CERTIFICATE Λ͏ϝϦοτ
HTTP/2 SEO ৴པੑ
SSL ূ໌ॻΛ Θͳ͍Ͱ͍Δ ͱ……
SSL ূ໌ॻͷ औಘɾઃఆํ๏
ෳυϝΠϯͷূ໌ॻ υϝΠϯຖʹূ໌ॻ ༗ྉͷ SSL ূ໌ॻ
ແྉͰࣗಈͰΦʔϓϯͳ SSL ূ໌ॻ
Ϩοπ Πϯετʔϧ Let’s Encrypt!
AWS ίϯιʔϧϩάΠϯ͠·͢
Route53 ͰυϝΠϯͷκʔϯΛઃఆ͠·͢
Route53 ͰυϝΠϯͷκʔϯΛઃఆ͠·͢
Route53 ͰυϝΠϯͷκʔϯΛઃఆ͠·͢
EC2 ͔Β AMIMOTO AMI Λϩʔϯν͠·͢
EC2 ͔Β AMIMOTO AMI Λϩʔϯν͠·͢
EC2 ͔Β AMIMOTO AMI Λϩʔϯν͠·͢
EC2 ͔Β AMIMOTO AMI Λϩʔϯν͠·͢
(HTTP/2) Next Generation Preview AMI Λϩʔϯν
ΠϯελϯεαΠζΛબ͠·͢
ΠϯελϯεͷઃఆσϑΥϧτͷ··ͰOKͰ͢
ΠϯελϯεͷઃఆσϑΥϧτͷ··ͰOKͰ͢
ΠϯελϯεͷઃఆσϑΥϧτͷ··ͰOKͰ͢
ηΩϡϦςΟάϧʔϓ HTTPS(443) ΛՃ͠·͢
EC2 ͔Β AMIMOTO AMI Λϩʔϯν͠·͢
SSH ΞΫηεʹඞཁͳΩʔϖΞΛ࡞͠·͢
HTTP/2 Next Generation Preview AMI ͕ىಈத
Elastic IP Λىಈͨ͠ΠϯελϯεׂΓͯ·͢
ׂΓͯΔΠϯελϯεID Λબ
Elastic IP ͷׂΓͯྃ
EC2ΠϯελϯεʹElastic IP ͕දࣔ͞Ε·ͨ͠ɻ
࡞ͨ͠ΠϯελϯεSSH ͰΞΫηε͠·͢
WordPress ΛΠϯετʔϧ͠·͢ 1. SSH ͰαʔόΞΫηε: $ ssh -i ~/example.pem ec2-user@ΠϯελϯεͷIPΞυϨε
·ͨ $ ssh -i ~/example.pem
[email protected]
2. ύοέʔδΛ࠷৽൛ߋ৽: $ sudo yum update 3. WordPress ͷΠϯετʔϧ: $ sudo /usr/local/bin/wp-setup example.com
pip ͱ Let’s Encrypt ΛΠϯετʔϧ 4. Python ͷόʔδϣϯʹ߹͏ pip ͱvirtualenv
ΛΠϯετʔϧ: $ sudo yum install python27-pip python27-virtualenv augeas-libs dialog gcc libffi-devel openssl-devel system-rpm-config 5. Let’s Encrypt ΛΠϯετʔϧ: $ sudo virtualenv /opt/letsencrypt/ $ sudo /opt/letsencrypt/bin/pip install letsencrypt 6. ূ໌ॻΛ࡞: $ sudo /opt/letsencrypt/bin/letsencrypt certonly -t -d example.com - a webroot --webroot-path=/var/www/vhosts/example.com/ --rsa-key-size 2048 --server https://acme-v01.api.letsencrypt.org/directory 7. ظݶΕͷ͓ΒͤϦΧόϦ༻ͷϝʔϧΞυϨεΛઃఆ
pip ͱ Let’s encrypt ͷΠϯετʔϧ 8. nginx ͷઃఆϑΝΠϧΛίϐʔͯ͠ SSL ͚ʹϦωʔϜ͠·͢:
$ sudo cp /etc/nginx/conf.d/default-ssl.conf /etc/nginx/conf.d/ example.com-ssl.conf 9. ίϐʔͨ͠ઃఆϑΝΠϧ example.com-ssl.conf Λฤू͠·͢: $ sudo vi /etc/nginx/conf.d/example.com-ssl.conf
มߋޙͷ example.com-ssl.conf server { listen 443 ssl http2; server_name example.com;
root /var/www/vhosts/example.com; index index.html index.htm; charset utf-8; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AESGCM:HIGH:!aNULL:!MD5; ssl_session_cache shared:SSL:10m; ssl_session_timeout 5m; ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; access_log /var/log/nginx/example.com.access.log main; error_log /var/log/nginx/example.com.error.log;
HTTP → HTTPS ͷϦμΠϨΫτઃఆ 10.example.com.conf ʹ HTTPS ͷϦμϨΫτઃఆΛ͠·͢: $ sudo
vi /etc/nginx/conf.d/example.com.conf server { listen 80; server_name example.com; root /var/www/vhosts/example.com; return 301 https://$host$request_uri; index index.html index.htm; charset utf-8; access_log /var/log/nginx/example.com.access.log main; error_log /var/log/nginx/example.com.error.log;
pip ͱ Let’s encrypt ͷΠϯετʔϧ 11.มߋ༰Λө͢ΔͨΊ nginx Λ࠶ىಈ͠·͢: $
sudo service nginx restart
SETUP YOUR WORDPRESS
Πϯελϯε ID Λೖྗͯ͠ WordPress ͷઃఆΛྃͤ͞·͠ΐ͏
http://amimoto-ami.com/slack/ Questions:
@Amimoto_Ami amimoto-ami.com THANK YOU! AMIMOTO (HHVM) + SSLʢLet's Encryptʣ