Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Let's Encryptで始めるSSL証明書

chamaharun
July 07, 2018
Technology
1
270

Let's Encryptで始めるSSL証明書

OSC北海道2018で発表しました。
https://www.ospn.jp/osc2018-do/modules/eguide/event.php?eid=46

chamaharun

July 07, 2018
Tweet

More Decks by chamaharun

See All by chamaharun
さくらのVPSを支える技術とこれから / Technology behind SAKURA VPS and the future
chamaharun
5
5.9k
「さくらのVPS」のインフラと運用 / How we operate the Infrastructure of Sakura VPS
chamaharun
3
2.2k

Other Decks in Technology

See All in Technology
Mocking your codebase without cursing it
gaqzi
0
140
バクラクの組織とアーキテクチャ(要約)2025/01版
shkomine
5
620
FinJAWS_reinvent2024_recap_database
asahihidehiko
2
310
Plants vs thieves: Automated Tests in the World of Web Security
leichteckig
0
140
プロダクト開発、インフラ、コーポレート、そしてAIとの共通言語としての Terraform / Terraform as a Common Language for Product Development, Infrastructure, Corporate Engineering, and AI
yuyatakeyama
6
1.4k
Autify Company Deck
autifyhq
2
41k
財務データを題材に、 ETLとは何であるかを考える
shoe116
5
1.9k
ソフトウェアアーキテクトのための意思決定術: Software Architecture and Decision-Making
snoozer05
PRO
16
3.1k
レイクハウスとはなんだったのか?
akuwano
14
1.7k
一人から始めたSREチーム3年の歩み - 求められるスキルの変化とチームのあり方 - / The three-year journey of the SRE team, which started all by myself
vtryo
7
5.1k
顧客の声を集めて活かすリクルートPdMのVoC活用事例を徹底解剖!〜プロデザ!〜
recruitengineers
PRO
0
150
企業テックブログにおける執筆ネタの考え方・見つけ方・広げ方 / How to Think of, Find, and Expand Writing Topics for Corporate Tech Blogs
honyanya
0
700

Featured

See All Featured
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
226
22k
Bash Introduction
62gerente
610
210k
Designing on Purpose - Digital PM Summit 2013
jponch
117
7.1k
Making Projects Easy
brettharned
116
6k
Embracing the Ebb and Flow
colly
84
4.5k
Into the Great Unknown - MozCon
thekraken
34
1.6k
Why Our Code Smells
bkeepers
PRO
335
57k
Thoughts on Productivity
jonyablonski
68
4.4k
GitHub's CSS Performance
jonrohan
1030
460k
A better future with KSS
kneath
238
17k
10 Git Anti Patterns You Should be Aware of
lemiorhan
PRO
656
59k
Speed Design
sergeychernyshev
25
750

Transcript

  1. -FUT&ODSZQU Ͱ࢝ΊΔ44-ূ໌ॻ খྛɹ޼ !DIBNBIBSVO

  2. ൃදऀ঺հ ΠϯϑϥΤϯδχΞ ๺ւಓग़਎04$೥໨ʢͨͿΜʣ ϗεςΟϯάܥاۀͰαʔόӡ༻Λ୲౰ ΠϥετਤղͰΑ͘Θ͔Δ *5Πϯϑϥͷجૅ஌ࣝ ˡܠ඼ʹ͋Γ·͢ʂ 4PGUXBSF%FTJHO
 ΤϐιʔυͰ֮͑Δ6/*9ίϚϯυ খྛɹ޼ʢ!DIBNBIBSVOʣ

  3. ͜Μͳهࣄॻ͖·ͨ͠ -FUT&ODSZQU DFSUCPU Λ࢖ͬͯϫΠϧυΧʔυূ໌ॻ͢Δʂ
 ͋ͱͪΐͬͱ 
 IUUQTRJJUBDPNDIBNBIBSVOJUFNTCDEDDGFCE -FUT&ODSZQU DFSUCPU ͰϫΠϧυΧʔυূ໌ॻͰ͖ͨ

    IUUQTRJJUBDPNDIBNBIBSVOJUFNTDCCBCDCD ʮϫΠϧυΧʔυ΍ͬͯΈͨʯܥͰ೔ຊॳ͔΋

  4. ࠓ೔͓఻͑͢Δ͜ͱ w -FUT`T&ODSZQUͱ͸ w -FU`T&ODSZQUͷ࢖͍Ͳ͜Ζ w -FU`T&ODSZQUΛ༻͍ͨ44-ূ໌ॻͷऔಘɾߋ৽ํ๏ w -FU`T&ODSZQUͷϫΠϧυΧʔυূ໌ॻରԠͱ
 %/4ϓϥάΠϯͷ঺հ

  5. ࠓ೔΍Βͳ͍͜ͱ w ҰاۀɾαʔϏεͷએ఻ɾ൷൑
 ͨͩ͠ɺศར͔ͩΒ౰ͨΓલʹͳͬͯཉ͍͠ɺ
 ͱ͍͏΋ͷΛআ͘  w 44-Λࢧ͑Δٕज़ͷࡉ͔͍෦෼ͷղઆ

  6. 44-ͬͯԿ͚ͩͬ w 44-4FDVSF4PDLFU-BZFS w ޙܧن֨5-45SBOTQPSU-BZFS4FDVSJUZ  w ௨৴Λ҉߸Խ͢Δ͜ͱʹΑΓ౪ௌɾվ͟Μʹڧ͍ϓϩτ ίϧ w

    )55144.514'514ͳͲɺैདྷͷϓϩτίϧΛ 4FDVSFʹ͢Δ໾ׂΛ୲͏

  7. ͳͥࠓ44-ͳͷ͔ w ηΩϡϦςΟҙࣝͷߴ·ΓʹΑΓ)5514͕౰ͨΓલʹͳ Γͭͭ͋Δ w Ͱʙͷීٴ཰
 HPPHMFௐ΂ɺϓϥοτϗʔϜผ  w DISPNF

    ϦϦʔε༧ఆ ͔Βશͯͷ)551 αΠτʹܯࠂ͕ग़ΔΑ͏ʹ IUUQTCMPHDISPNJVNPSHBTFDVSFXFCJTIFSFUPTUBZIUNM IUUQTUSBOTQBSFODZSFQPSUHPPHMFDPNIUUQTPWFSWJFX IMKB

  8. 44-ͷ࢓૊ΈΛ؆୯ʹ ϦΫΤετ ূ໌ॻɾެ։伴 伴ަ׵ ҆શͳ௨৴ ΫϥΠΞϯτ αʔό

  9. 44-ূ໌ॻ w ௨৴ઌͷαʔό͕ຊ෺Ͱ͋Δূ໌ w ೝূہʹΑΓൃߦ͞ΕΔ w छྨ͋Δ ӡӦऀ ೝূہ αʔό

    ਃ੥ɾࢧ෷͍ ೝূɾൃߦ ઃஔ ূ໌ॻ

  10. 44-ূ໌ॻ w ূ໌ॻࣗମͷূ໌΋ূ໌ॻʹΑΓݕূ͞ΕΔ w ֊૚ߏ଄ͷূ໌ॻʹϧʔτূ໌ॻ w ϧʔτূ໌ॻ͸௨ৗϒϥ΢βʹΠϯετʔϧ͞Ε͍ͯΔ w ֊૚ߏ଄ΛḷΕͳ͍ূ໌ॻʹ͸ܯࠂ͕ग़Δ αʔόͷূ໌ॻ

    தؒূ໌ॻ ϧʔτূ໌ॻ ূ໌ ূ໌

  11. 44-ূ໌ॻͷछྨͱՁ֨ ೝূ ͢Δ΋ͷ ৴པੑ Ձ֨ %7 υϝΠϯ ॴ༗ऀ ௿
 ਺ઍ

    07 ӡӦ૊৫
 ి࿩ͳͲ த
 ਺ສ &7 ӡӦ૊৫
 اۀ%#ͳͲ ߴ
 ਺ສ &7ূ໌ॻͰ͸ ΞυϨεόʔʹاۀ໊͕ೖΔ ֬ೝ͢Δ΋ͷ͕૿͑Δʹ࿈Ε ৴པੑɾՁ֨ɾೲظ૿

  12. ແྉͷ44-ূ໌ॻ ৴པੑ͸Ͳ͏ͳͷʁ ͲΜͳ΋ͷ͕͋Δͷʁ υϝΠϯϨϕϧͰͷೝূ
 ʹߴ͍৴པੑ͕ٻΊΒΕΔ؀ڥͰ͸ෆ޲͖ ݸਓن໛اۀͰ΋։ൃ؀ڥͳͲͰ͸༗༻ ࣗݾॺ໊ূ໌ॻ 4UBSU$0. 8P4JHOˠͰ৽نൃߦఀࢭ -FU`T&ODSZQUˠࠓ೔ͷຊ୊

  13. -FU`T&ODSZQU w *43( *OUFSOFU4FDVSJUZ3FTFBSDI(SPVQ 
 ͕ӡӦ͢Δೝূہ w औಘɾߋ৽ͳͲͷखଓ͖͕ࣗಈԽ͞Ε͍ͯΔ w %7ূ໌ॻΛແྉͰར༻Մೳ

    w ূ໌ॻͷ༗ޮظݶ͸೔

  14. Ϩϯλϧαʔό֤ࣾͰͷ ରԠ΋ਐΉ w ϩϦϙοϓ w ΤοΫεαʔόʔ w ͘͞ΒͷϨϯλϧαʔό w ΧΰϠɾδϟύϯ

    ͳͲ ίϚϯυୟ͔ͣίϯτϩʔϧύωϧ͔Βૢ࡞Ͱ͖Δ৔߹΋

  15. "$.&ϓϩτίϧ "$.&ΫϥΠΞϯτ "$.&αʔό 8FCαʔό
 %/4αʔό υϝΠϯॴ༗ऀ ૢ࡞ νϟϨϯδཁٻ จࣈྻΛࢦఆ จࣈྻΛઃஔ

    ΞΫηεɾ֬ೝ υϝΠϯॴ༗ऀͷೝূ͔Βূ໌ॻͷൃߦ·ͰΛࣗಈԽ υϝΠϯॴ༗ऀʹจࣈྻΛ༩͑ɺ %/4αʔό΋͘͠͸8FCαʔόʹԠ౴ͤ͞Δ

  16. )551ೝূͱ%/4ೝূ υϝΠϯʹ595ϨίʔυΛ௥ՃͰ͖Δඞཁ͕͋Δ ֎෦ʹ8FCαʔόΛެ։͢Δඞཁ͕͋Δ %/4ೝূ )551ೝূ ֎෦ʹ8FCαʔόΛެ։͢Δඞཁ͕ͳ͍ ಺෦޲͚αΠτͳͲͰ΋࢖͑Δ ϫΠϧυΧʔυূ໌ॻͰ͸%/4ೝূඞਢ ݱࡏ

  17. ಋೖͯ͠ΈΔ w ZVN BQU౳ͷύοέʔδϚωʔδϟͰ؆୯ʹΠϯετʔ ϧ w QJQܦ༝Ͱ΋ΠϯετʔϧՄೳ w ֤छϓϥάΠϯ͕ॆ࣮ ެࣜਪ঑ΫϥΠΞϯτɿDFSUCPU

    IUUQTDFSUCPUF⒎PSHɹͰΞʔΩςΫνϟΛબ୒ˠ࠷దͳΠϯετʔϧํ๏

  18. XFCSPPUϓϥάΠϯ )551ೝূΛ؆୯ʹ͢ΔϓϥάΠϯ ೝূ༻จࣈྻͷϑΝΠϧΛಛఆͷύεʹ࡞੒ͯ͘͠ΕΔ DFSUCPUDFSUPOMZ XFCSPPU NϝʔϧΞυϨε BHSFFUPT NBOVBMQVCMJDJQMPHHJOHPL EUFTUPTBLFPOMJOF XVTSTIBSFOHJOYIUNM

    NBOVBMϓϥάΠϯͳ͠ EυϝΠϯ NϝʔϧΞυϨε ŠNBOVBMQVCMJDJQMPHHJOHPL*1ΞυϨε͕ه࿥͞ΕΔࣄʹಉҙ ŠBHSFFUPTن໿ʹಉҙ Xೝূ༻จࣈྻͷϑΝΠϧͷύεɹ ύεXFMMLOPXOBDNFDIBMMFOHF

  19. *.1035"/5/05&4 $POHSBUVMBUJPOT:PVSDFSUJpDBUFBOEDIBJOIBWFCFFOTBWFEBU FUDMFUTFODSZQUMJWFUFTUPTBLFPOMJOFGVMMDIBJOQFN :PVSLFZpMFIBTCFFOTBWFEBU FUDMFUTFODSZQUMJWFUFTUPTBLFPOMJOFQSJWLFZQFN :PVSDFSUXJMMFYQJSFPO5PPCUBJOBOFXPSUXFBLFE WFSTJPOPGUIJTDFSUJpDBUFJOUIFGVUVSF TJNQMZSVODFSUCPU BHBJO5POPOJOUFSBDUJWFMZSFOFX BMM

    PGZPVSDFSUJpDBUFT SVO DFSUCPUSFOFX *GZPVMJLF$FSUCPU QMFBTFDPOTJEFSTVQQPSUJOHPVSXPSLCZ %POBUJOHUP*43(-FUT&ODSZQUIUUQTMFUTFODSZQUPSHEPOBUF %POBUJOHUP&''IUUQTF⒎PSHEPOBUFMF

  20. ߋ৽΋؆୯ʹ DFSUCPUSFOFXίϚϯυ ༗ޮظݶ͕࢒Γ೔Λ੾͍ͬͯͨΒߋ৽ QPTUIPPLΦϓγϣϯͰ8FCαʔόΛϦϩʔυ͢Δͱศར DSPOͳͲͰఆظతʹ࣮ߦ͢Δ͜ͱͰظݶ੾ΕΛ๷ࢭ DFSUCPUSFOFXUJNFS 8FCαʔόͷϦϩʔυ͸FUDTZTDPOpHDFSUCPUͷ1045@)00,ʹ TZTUFNDUMFOBCMFŠOPXDFSUCPUSFOFXUJNFS TZTUFNEUJNFS༻ઃఆϑΝΠϧ͕༧ΊΠϯετʔϧ͞Ε͍ͯΔ

  21. ෳ਺υϝΠϯʹରͯ͠ ൃߦ͢Δ w 4"/4VCKFDU"MUFSOBUJWF/BNF w EΦϓγϣϯΛෳ਺͚ͭΔ͜ͱͰෳ਺υϝΠϯରԠͷূ ໌ॻʹͳΔˠҰ൪࠷ॳͷυϝΠϯ͕୅දʹͳΔ w 8FCαʔόͰɹXFMMLOPXOBDNFDIBMMFOHFɹΛ ಉ͡σΟϨΫτϦΛࢀর͢ΔΑ͏ʹ͢Δͱศར

    w ୔ࢁαϒυϝΠϯ௥Ճͯ͠؅ཧ͕໘౗
 ˠϫΠϧυΧʔυূ໌ॻ

  22. ϫΠϧυΧʔυূ໌ॻ ͲͷಉҰ֊૚αϒυϝΠϯʹରͯ͠΋࢖༻Ͱ͖Δূ໌ॻ FYBNQMFDPN XXXFYBNQMFDPN NBJMFYBNQMFDPN UFTUXXXFYBNQMFDPN ⭕ ❌ FYBNQMFDPN

  23. ϫΠϧυΧʔυূ໌ॻ w ʹ-FU`T&ODSZQU͕"$.&WͰରԠ w %/4ೝূ͕ඞཁ w TFSWFSΦϓγϣϯͰ"$.&Wαʔόͷࢦఆ͕ඞཁ

  24. ϫΠϧυΧʔυূ໌ॻͷ࢖͍ॴ αϒυϝΠϯ͕୔ࢁ͋Δ࣌ ؾ͔ͮΕͨ͘ͳ͍αϒυϝΠϯ͕ଘࡏ͢Δ࣌ IUUQTUXJUUFSDPN@ZZV@TUBUVT ͳͲ

  25. ϫΠϧυΧʔυূ໌ॻ Λऔಘͯ͠ΈΔ DFSUCPUDFSUPOMZNBOVBM E DSLCDP NϝʔϧΞυϨε BHSFFUPT ŠNBOVBMQVCMJDJQMPHHJOHPL QSFGFSSFEDIBMMFOHFTEOT ŠTFSWFSIUUQTBDNFWBQJMFUTFODSZQUPSHEJSFDUPSZ

    NBOVBMϓϥάΠϯͳ͠ EυϝΠϯ NϝʔϧΞυϨε NBOVBMQVCMJDJQMPHHJOHPL*1ΞυϨε͕ه࿥͞ΕΔࣄʹಉҙ QSFGFSSFEDIBMMFOHFTೝূํ๏ɹEOTඞਢ TFSWFSೝূαʔό"$.&Wαʔόඞਢ

  26. ίϚϯυग़ྗ 4BWJOHEFCVHMPHUPWBSMPHMFUTFODSZQUMFUTFODSZQUMPH 1MVHJOTTFMFDUFE"VUIFOUJDBUPSNBOVBM *OTUBMMFS/POF4UBSUJOHOFX)5514 DPOOFDUJPO  BDNFWBQJMFUTFODSZQUPSH0CUBJOJOHBOFXDFSUJpDBUF 1FSGPSNJOHUIFGPMMPXJOHDIBMMFOHFTEOTDIBMMFOHFGPSDSLCDP  1MFBTFEFQMPZB%/4595SFDPSEVOEFSUIFOBNF@BDNFDIBMMFOHFDSLCDP

    XJUIUIFGPMMPXJOHWBMVF NIM).'73WDFS/;6#5$$5MEQ5L:S5#)9BG,. #FGPSFDPOUJOVJOH WFSJGZUIFSFDPSEJTEFQMPZFE  1SFTT&OUFSUP$POUJOVF

  27. 595ϨίʔυΛखಈͰ௥Ճ

  28. 595ϨίʔυΛ൓өޙ *.1035"/5/05&4 $POHSBUVMBUJPOT:PVSDFSUJpDBUFBOEDIBJOIBWFCFFOTBWFEBU FUDMFUTFODSZQUMJWFDSLCDPGVMMDIBJOQFN :PVSLFZpMFIBTCFFOTBWFEBU FUDMFUTFODSZQUMJWFDSLCDPQSJWLFZQFN :PVSDFSUXJMMFYQJSFPO5PPCUBJOBOFXPSUXFBLFE WFSTJPOPGUIJTDFSUJpDBUFJOUIFGVUVSF TJNQMZSVODFSUCPU BHBJO5POPOJOUFSBDUJWFMZSFOFX

    BMM PGZPVSDFSUJpDBUFT SVO DFSUCPUSFOFX *GZPVMJLF$FSUCPU QMFBTFDPOTJEFSTVQQPSUJOHPVSXPSLCZ %POBUJOHUP*43(-FUT&ODSZQUIUUQTMFUTFODSZQUPSHEPOBUF %POBUJOHUP&''IUUQTF⒎PSHEPOBUFMF

  29. %/4ͷϓϥάΠϯ͕ศར w ূ໌ॻͷൃߦɾߋ৽࣌ʹ595ϨίʔυΛ௥Ճ͢Δͷ͸໘౗ w ϓϥάΠϯʹ೚ͤΔͱ͍͏ख΋͋Δ w DMPVEqBSF w EJHJUBMPDFBO w

    HPPHMFDMPVEEOT w "84SPVUF ͳͲछྨͷ%/4αʔϏε3'$ʹରԠ

  30. (PPHMF$MPVE%/4 Ͱ΍ͬͯΈͨ ʮ"1*ͱαʔϏεʯˠ ʮೝূ৘ใΛ࡞੒ʯˠ ʮαʔϏεΞΧ΢ϯτΩʔʯ ೝূ৘ใΛ+40/Ͱμ΢ϯϩʔυ +40/ϑΝΠϧͷύʔϛογϣϯΛʹมߋ

  31. EOTHPPHMFDSFEFOUJBMTΦϓγϣϯͰ+40/ϑΝΠϧΛࢦఆ͢Δ͚ͩ DFSUCPUDFSUPOMZ EOTHPPHMF EOTHPPHMFDSFEFOUJBMTdTFDSFUTDFSUCPUHPPHMFKTPO E LPCBOFU BHSFFUPT NϝʔϧΞυϨε TFSWFSIUUQTBDNFWBQJMFUTFODSZQUPSHEJSFDUPSZ NBOVBMQVCMJDJQMPHHJOHPL

    EOTHPPHMFΦϓγϣϯΛࢦఆ ύοέʔδϚωʔδϟͰDFSUCPUEOTHPPHMFΛΠϯετʔϧ ূ໌ॻൃߦ׬ྃʂ

  32. "843PVUF Ͱ΍ͬͯΈͨ ʮ*".ʯˠϢʔβʔΛ௥Ճ ʮ"NB[PO3PVUF%PNBJOT'VMM"DDFTTʯΛΞλον dBXTDPOpHʹ BXT@BDDFTT@LFZ@JEͱBXT@TFDSFU@BDDFTT@LFZΛ௥Ճ

  33. DFSUCPUDFSUPOMZ EOTSPVUF EPTBLFPOMJOF NϝʔϧΞυϨε BHSFFUPT NBOVBMQVCMJDJQMPHHJOHPL dBXTDPOpH͕ಡΈࠐ·Εɺ%/4ʹ595Ϩίʔυ͕௥Ճ͞ΕΔ ŠEOTSPVUFΦϓγϣϯΛ͚ͭΔ͚ͩ ূ໌ॻൃߦ׬ྃʂ

  34. ࠓޙରԠ༧ఆʁ w "[VSF%/4 w -JOPEF w ͘͞ΒͷΫϥ΢υ w (FIJSO%/4 w

    (PEBEEZ IUUQTHJUIVCDPNDFSUCPUDFSUCPUJTTVFT RJT"QS JT"PQFO MBCFM"BSFB" EOT ༗ࢤʹΑΓ13͕ग़͞Ε͍ͯΔ

  35. ·ͱΊ w -FU`T&ODSZQUΛ࢖͑͹ແྉɾखܰʹ
 44-ূ໌ॻΛར༻Ͱ͖Δ w ϫΠϧυΧʔυʹ΋ରԠͨ͠ͷͰߋʹ࢖͍΍͘͢ w %/4ϓϥάΠϯΛ࢖͑͹ΑΓ؆୯ʹ w ࣭໰ͳͲ͋Ε͹!DIBNBIBSVO·Ͱ

    w ࠙਌ձߦ͖·͢ʂ