Upgrade to Pro — share decks privately, control downloads, hide ads and more …

[日本語]AMIMOTO + SSL(Let’s Encrypt)= HTTP/2

Avatar for Amimoto - Flexible Cloud WordPress Hosting Amimoto - Flexible Cloud WordPress Hosting
March 18, 2016
How-to & DIY
0
1.2k

[日本語]AMIMOTO + SSL(Let’s Encrypt)= HTTP/2

AMIMOTOへの Let’s Encrypt の導入方法

Avatar for Amimoto - Flexible Cloud WordPress Hosting

Amimoto - Flexible Cloud WordPress Hosting

March 18, 2016
Tweet

More Decks by Amimoto - Flexible Cloud WordPress Hosting

See All by Amimoto - Flexible Cloud WordPress Hosting
[日本語] AMIMOTO-AMI Lineup
Avatar for Amimoto - Flexible Cloud WordPress Hosting amimoto
0
160
EdgeCase - A speaker series by J2 Design
Avatar for Amimoto - Flexible Cloud WordPress Hosting amimoto
0
350
Progress the system operation drastically with Cloud Automator — AMIMOTO side—
Avatar for Amimoto - Flexible Cloud WordPress Hosting amimoto
0
190
[東京]Cloud_Automatorで攻めのシステム運用 AMIMOTO スタック編
Avatar for Amimoto - Flexible Cloud WordPress Hosting amimoto
0
890
AMIMOTO Design Pattern + Server-less Architecture
Avatar for Amimoto - Flexible Cloud WordPress Hosting amimoto
0
500
WooCommerce with Elasticsearch
Avatar for Amimoto - Flexible Cloud WordPress Hosting amimoto
1
470
[日本語] WooCommerce with Elasticsearch
Avatar for Amimoto - Flexible Cloud WordPress Hosting amimoto
0
250
Amazon CloudFront with AWS Certificate Manager
Avatar for Amimoto - Flexible Cloud WordPress Hosting amimoto
0
210
WordPress with CloudFront + AMAZON RDS + S3
Avatar for Amimoto - Flexible Cloud WordPress Hosting amimoto
1
700

Other Decks in How-to & DIY

See All in How-to & DIY
JAWS-UG/AWSコミュニティ -JAWS-UGくまもと#16
Avatar for awsj communty program manager - Shigeru Numaguchi awsjcpm
1
150
JAWS-UG/AWSコミュニティ JAWS-UG おおいた
Avatar for awsj communty program manager - Shigeru Numaguchi awsjcpm
2
2.8k
DroidKaigi 2024 - 海外就職というキャリアの選択肢
Avatar for tetsu iyotetsuya
1
1.1k
Why did my proposals get rejected?
Avatar for Masafumi Okura okuramasafumi
1
750
[電子工作]クリップモーターをつくろう
Avatar for haru-orion oriontakemura
0
350
JAWS-UG 福岡 in 北九州 | JAWS-UG/AWSコミュニティ プログラムのご紹介
Avatar for awsj communty program manager - Shigeru Numaguchi awsjcpm
1
160
What's the difference in taste between expensive and cheap mills? Measuring coffee particle size distribution using ImageJ
Avatar for oec dogrunjp
0
470
グローバルAWSユーザー コミュニティとJAWS-UG - JAWS FESTA 2024 in Hiroshima
Avatar for awsj communty program manager - Shigeru Numaguchi awsjcpm
0
4.9k
Terra Charge|急速充電器ご利用ガイドブック / Terra Charge Fast Charger Guidebook
Avatar for Terra Charge contents
1
470
ブロックテーマをゴリゴリに使い倒してサイトを作った話 / Kansai WordPress Meetup 2025 01 25
Avatar for tbshiki tbshiki
1
680
とある航空会社の飛行機の乗り方をお教えします。/20240913-lt
Avatar for Kenichiro Wada kwada
3
320
JAWS-UG Fukuoka - AWS re:Invent 2024 re:Cap AWS Community Perspective
Avatar for awsj communty program manager - Shigeru Numaguchi awsjcpm
2
180

Featured

See All Featured
Bash Introduction
Avatar for André Augusto Costa Santos 62gerente
615
210k
CSS Pre-Processors: Stylus, Less & Sass
Avatar for Bermon Painter bermonpainter
359
30k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
Avatar for Joe Casabona jcasabona
33
2.5k
Practical Orchestrator
Avatar for Shlomi Noach shlominoach
190
11k
The Pragmatic Product Professional
Avatar for Laura Van Doore lauravandoore
36
6.9k
JavaScript: Past, Present, and Future - NDC Porto 2020
Avatar for David Neal reverentgeek
52
5.6k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
Avatar for Rebecca Miller-Webster rmw
35
3.2k
Site-Speed That Sticks
Avatar for Harry Roberts csswizardry
11
900
Design and Strategy: How to Deal with People Who Don’t "Get" Design
Avatar for Morgane Peng morganepeng
132
19k
Code Reviewing Like a Champion
Avatar for maltzj maltzj
526
40k
Agile that works and the tools we love
Avatar for Rasmus Luckow-Nielsen rasmusluckow
331
21k
Building Flexible Design Systems
Avatar for Yesenia Perez-Cruz yeseniaperezcruz
329
39k

Transcript

  1. @Amimoto_Ami amimoto-ami.com AMIMOTO (HHVM) + SSLʢLet's Encryptʣ

  2. SSL ূ໌ॻͱ͸

  3. ূ໌ॻͷ༗ޮظݶ اۀͷॴࡏ஍ ೝূہͷ৘ใ اۀ໊ SSL ূ໌ॻʹؚ·ΕΔ৘ใ

  4. αΠτ͕SSL/TLS Λ࢖͍ͬͯΔ͔Λݟ෼͚Δʹ͸

  5. SSL CERTIFICATE Λ࢖͏ϝϦοτ

  6. HTTP/2 SEO ৴པੑ

  7. SSL ূ໌ॻΛ ࢖Θͳ͍Ͱ͍Δ ͱ……

  8. SSL ূ໌ॻͷ औಘɾઃఆํ๏

  9. ෳ਺υϝΠϯͷূ໌ॻ υϝΠϯຖʹূ໌ॻ ༗ྉͷ SSL ূ໌ॻ

  10. ແྉͰࣗಈͰΦʔϓϯͳ SSL ূ໌ॻ

  11. Ϩοπ 
 Πϯετʔϧ
 Let’s Encrypt!

  12. AWS ίϯιʔϧ΁ϩάΠϯ͠·͢

  13. Route53 ͰυϝΠϯͷκʔϯΛઃఆ͠·͢

  14. Route53 ͰυϝΠϯͷκʔϯΛઃఆ͠·͢

  15. Route53 ͰυϝΠϯͷκʔϯΛઃఆ͠·͢

  16. EC2 ͔Β AMIMOTO AMI Λϩʔϯν͠·͢

  17. EC2 ͔Β AMIMOTO AMI Λϩʔϯν͠·͢

  18. EC2 ͔Β AMIMOTO AMI Λϩʔϯν͠·͢

  19. EC2 ͔Β AMIMOTO AMI Λϩʔϯν͠·͢

  20. (HTTP/2) Next Generation Preview AMI Λϩʔϯν

  21. ΠϯελϯεαΠζΛબ୒͠·͢

  22. Πϯελϯεͷઃఆ͸σϑΥϧτͷ··ͰOKͰ͢

  23. Πϯελϯεͷઃఆ͸σϑΥϧτͷ··ͰOKͰ͢

  24. Πϯελϯεͷઃఆ͸σϑΥϧτͷ··ͰOKͰ͢

  25. ηΩϡϦςΟάϧʔϓ΁ HTTPS(443) Λ௥Ճ͠·͢

  26. EC2 ͔Β AMIMOTO AMI Λϩʔϯν͠·͢

  27. SSH ΞΫηεʹඞཁͳΩʔϖΞΛ࡞੒͠·͢

  28. HTTP/2 Next Generation Preview AMI ͕ىಈத

  29. Elastic IP Λىಈͨ͠Πϯελϯε΁ׂΓ౰ͯ·͢

  30. ׂΓ౰ͯΔΠϯελϯεID Λબ୒

  31. Elastic IP ͷׂΓ౰ͯ׬ྃ

  32. EC2ΠϯελϯεʹElastic IP ͕දࣔ͞Ε·ͨ͠ɻ

  33. ࡞੒ͨ͠Πϯελϯε΁SSH ͰΞΫηε͠·͢

  34. WordPress ΛΠϯετʔϧ͠·͢ 1. SSH Ͱαʔό΁ΞΫηε:
 $ ssh -i ~/example.pem ec2-user@ΠϯελϯεͷIPΞυϨε


    ·ͨ͸
 $ ssh -i ~/example.pem [email protected]
 2. ύοέʔδΛ࠷৽൛΁ߋ৽:
 $ sudo yum update
 3. WordPress ͷΠϯετʔϧ: 
 $ sudo /usr/local/bin/wp-setup example.com

  35. pip ͱ Let’s Encrypt ΛΠϯετʔϧ 4. Python ͷόʔδϣϯʹ߹͏ pip ͱvirtualenv

    ΛΠϯετʔϧ:
 
 $ sudo yum install python27-pip python27-virtualenv augeas-libs dialog gcc libffi-devel openssl-devel system-rpm-config
 5. Let’s Encrypt ΛΠϯετʔϧ:
 $ sudo virtualenv /opt/letsencrypt/
 $ sudo /opt/letsencrypt/bin/pip install letsencrypt
 6. ূ໌ॻΛ࡞੒:
 $ sudo /opt/letsencrypt/bin/letsencrypt certonly -t -d example.com - a webroot --webroot-path=/var/www/vhosts/example.com/ --rsa-key-size 2048 --server https://acme-v01.api.letsencrypt.org/directory
 7. ظݶ੾Εͷ͓஌Βͤ΍ϦΧόϦ༻ͷϝʔϧΞυϨεΛઃఆ

  36. pip ͱ Let’s encrypt ͷΠϯετʔϧ 8. nginx ͷઃఆϑΝΠϧΛίϐʔͯ͠ SSL ޲͚ʹϦωʔϜ͠·͢:


    $ sudo cp /etc/nginx/conf.d/default-ssl.conf /etc/nginx/conf.d/ example.com-ssl.conf
 
 9. ίϐʔͨ͠ઃఆϑΝΠϧ example.com-ssl.conf Λฤू͠·͢:
 $ sudo vi /etc/nginx/conf.d/example.com-ssl.conf


  37. มߋޙͷ example.com-ssl.conf server { listen 443 ssl http2; server_name example.com;

    root /var/www/vhosts/example.com; index index.html index.htm; charset utf-8; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; ssl_ciphers AESGCM:HIGH:!aNULL:!MD5; ssl_session_cache shared:SSL:10m; ssl_session_timeout 5m; ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; access_log /var/log/nginx/example.com.access.log main; error_log /var/log/nginx/example.com.error.log;

  38. HTTP → HTTPS ΁ͷϦμΠϨΫτઃఆ 10.example.com.conf ʹ HTTPS ΁ͷϦμϨΫτઃఆΛ͠·͢: $ sudo

    vi /etc/nginx/conf.d/example.com.conf server { listen 80; server_name example.com; root /var/www/vhosts/example.com; return 301 https://$host$request_uri; index index.html index.htm; charset utf-8; access_log /var/log/nginx/example.com.access.log main; error_log /var/log/nginx/example.com.error.log;


  39. pip ͱ Let’s encrypt ͷΠϯετʔϧ 11.มߋ಺༰Λ൓ө͢ΔͨΊ nginx Λ࠶ىಈ͠·͢:
 
 $

    sudo service nginx restart

  40. SETUP YOUR WORDPRESS

  41. Πϯελϯε ID Λೖྗͯ͠ WordPress ͷઃఆΛ׬ྃͤ͞·͠ΐ͏

  42. http://amimoto-ami.com/slack/ Questions:

  43. @Amimoto_Ami amimoto-ami.com THANK YOU! AMIMOTO (HHVM) + SSLʢLet's Encryptʣ