Let's Encryptで始めるSSL証明書

27be367c0d0d8e9cbeba60afd8b68da4?s=47 chamaharun
July 07, 2018
Technology
1
150

Let's Encryptで始めるSSL証明書

OSC北海道2018で発表しました。
https://www.ospn.jp/osc2018-do/modules/eguide/event.php?eid=46

27be367c0d0d8e9cbeba60afd8b68da4?s=128

chamaharun

July 07, 2018
Tweet

More Decks by chamaharun

See All by chamaharun
27be367c0d0d8e9cbeba60afd8b68da4?s=48 chamaharun
4
3.2k
27be367c0d0d8e9cbeba60afd8b68da4?s=48 chamaharun
3
1.5k

Other Decks in Technology

See All in Technology
92e7a56a50535ef4c51c112c71d3f9c1?s=48 jkubota
0
250
7a37d60769f6f3004adee19a8ff2c219?s=48 tunepolo
4
1.4k
C21becdee5cd08b34c7452276e64c1fe?s=48 yamamuteki
6
1.1k
9e7a653ed313b3da4b263a772bfc5026?s=48 clustervr
0
160
Ca7f3070b0edb9ec3e1b5b5109920a8a?s=48 hiyokotaisa
2
1.5k
18f1e3993e9ead63e7a0f70d9eb996bb?s=48 wkm2
0
120
B1cc148711c6a37a5c922b6e72a4ad52?s=48 upura
1
870
D6fc8a819afa94f464fe322032a6687f?s=48 mahito
3
1.1k
20451295e0cb4dce2b2805b2a61cd92d?s=48 tnk4on
6
820
9e7a653ed313b3da4b263a772bfc5026?s=48 clustervr
0
150
9e7a653ed313b3da4b263a772bfc5026?s=48 clustervr
0
240
88964b936e864ca7d326272eaa70fa9a?s=48 hgsgtk
0
1.4k

Featured

See All Featured
433acaea1012b25d97ae66da9b998dad?s=48 malarkey
189
8.2k
C0b42577cfc2b321be3474618107e933?s=48 samanthasiow
51
5.9k
F383c6a4dc55e331bbe2987b622cee6b?s=48 stephaniewalter
256
10k
78b475797a14c84799063c7cd073962f?s=48 holman
287
130k
7edec06b5435e0dac07a353b2cc26253?s=48 geeforr
330
29k
7fa6101cd43067653cf4ac6c7ca54305?s=48 akmur
252
19k
C9b18d9dff88a9dd2393364c2b3b21bd?s=48 colly
65
2.9k
C4de88ea47538e4594750e3861a341c8?s=48 brettharned
91
2.8k
9fa239b3154a0169d99ab7bf1422dd12?s=48 marcelosomers
221
14k
15f2b8221f247985a27a627d2ece72f0?s=48 pauljervisheath
193
15k
C9b18d9dff88a9dd2393364c2b3b21bd?s=48 colly
183
14k
4262b9cfacfb6b2c77f23e1d0310cd3e?s=48 myddelton
104
10k

Transcript

  1. -FUT&ODSZQU Ͱ࢝ΊΔ44-ূ໌ॻ খྛɹ޼ !DIBNBIBSVO

  2. ൃදऀ঺հ ΠϯϑϥΤϯδχΞ ๺ւಓग़਎04$೥໨ʢͨͿΜʣ ϗεςΟϯάܥاۀͰαʔόӡ༻Λ୲౰ ΠϥετਤղͰΑ͘Θ͔Δ *5Πϯϑϥͷجૅ஌ࣝ ˡܠ඼ʹ͋Γ·͢ʂ 4PGUXBSF%FTJHO
 ΤϐιʔυͰ֮͑Δ6/*9ίϚϯυ খྛɹ޼ʢ!DIBNBIBSVOʣ

  3. ͜Μͳهࣄॻ͖·ͨ͠ -FUT&ODSZQU DFSUCPU Λ࢖ͬͯϫΠϧυΧʔυূ໌ॻ͢Δʂ
 ͋ͱͪΐͬͱ 
 IUUQTRJJUBDPNDIBNBIBSVOJUFNTCDEDDGFCE -FUT&ODSZQU DFSUCPU ͰϫΠϧυΧʔυূ໌ॻͰ͖ͨ

    IUUQTRJJUBDPNDIBNBIBSVOJUFNTDCCBCDCD ʮϫΠϧυΧʔυ΍ͬͯΈͨʯܥͰ೔ຊॳ͔΋

  4. ࠓ೔͓఻͑͢Δ͜ͱ w -FUT`T&ODSZQUͱ͸ w -FU`T&ODSZQUͷ࢖͍Ͳ͜Ζ w -FU`T&ODSZQUΛ༻͍ͨ44-ূ໌ॻͷऔಘɾߋ৽ํ๏ w -FU`T&ODSZQUͷϫΠϧυΧʔυূ໌ॻରԠͱ
 %/4ϓϥάΠϯͷ঺հ

  5. ࠓ೔΍Βͳ͍͜ͱ w ҰاۀɾαʔϏεͷએ఻ɾ൷൑
 ͨͩ͠ɺศར͔ͩΒ౰ͨΓલʹͳͬͯཉ͍͠ɺ
 ͱ͍͏΋ͷΛআ͘  w 44-Λࢧ͑Δٕज़ͷࡉ͔͍෦෼ͷղઆ

  6. 44-ͬͯԿ͚ͩͬ w 44-4FDVSF4PDLFU-BZFS w ޙܧن֨5-45SBOTQPSU-BZFS4FDVSJUZ  w ௨৴Λ҉߸Խ͢Δ͜ͱʹΑΓ౪ௌɾվ͟Μʹڧ͍ϓϩτ ίϧ w

    )55144.514'514ͳͲɺैདྷͷϓϩτίϧΛ 4FDVSFʹ͢Δ໾ׂΛ୲͏

  7. ͳͥࠓ44-ͳͷ͔ w ηΩϡϦςΟҙࣝͷߴ·ΓʹΑΓ)5514͕౰ͨΓલʹͳ Γͭͭ͋Δ w Ͱʙͷීٴ཰
 HPPHMFௐ΂ɺϓϥοτϗʔϜผ  w DISPNF

    ϦϦʔε༧ఆ ͔Βશͯͷ)551 αΠτʹܯࠂ͕ग़ΔΑ͏ʹ IUUQTCMPHDISPNJVNPSHBTFDVSFXFCJTIFSFUPTUBZIUNM IUUQTUSBOTQBSFODZSFQPSUHPPHMFDPNIUUQTPWFSWJFX IMKB

  8. 44-ͷ࢓૊ΈΛ؆୯ʹ ϦΫΤετ ূ໌ॻɾެ։伴 伴ަ׵ ҆શͳ௨৴ ΫϥΠΞϯτ αʔό

  9. 44-ূ໌ॻ w ௨৴ઌͷαʔό͕ຊ෺Ͱ͋Δূ໌ w ೝূہʹΑΓൃߦ͞ΕΔ w छྨ͋Δ ӡӦऀ ೝূہ αʔό

    ਃ੥ɾࢧ෷͍ ೝূɾൃߦ ઃஔ ূ໌ॻ

  10. 44-ূ໌ॻ w ূ໌ॻࣗମͷূ໌΋ূ໌ॻʹΑΓݕূ͞ΕΔ w ֊૚ߏ଄ͷূ໌ॻʹϧʔτূ໌ॻ w ϧʔτূ໌ॻ͸௨ৗϒϥ΢βʹΠϯετʔϧ͞Ε͍ͯΔ w ֊૚ߏ଄ΛḷΕͳ͍ূ໌ॻʹ͸ܯࠂ͕ग़Δ αʔόͷূ໌ॻ

    தؒূ໌ॻ ϧʔτূ໌ॻ ূ໌ ূ໌

  11. 44-ূ໌ॻͷछྨͱՁ֨ ೝূ ͢Δ΋ͷ ৴པੑ Ձ֨ %7 υϝΠϯ ॴ༗ऀ ௿
 ਺ઍ

    07 ӡӦ૊৫
 ి࿩ͳͲ த
 ਺ສ &7 ӡӦ૊৫
 اۀ%#ͳͲ ߴ
 ਺ສ &7ূ໌ॻͰ͸ ΞυϨεόʔʹاۀ໊͕ೖΔ ֬ೝ͢Δ΋ͷ͕૿͑Δʹ࿈Ε ৴པੑɾՁ֨ɾೲظ૿

  12. ແྉͷ44-ূ໌ॻ ৴པੑ͸Ͳ͏ͳͷʁ ͲΜͳ΋ͷ͕͋Δͷʁ υϝΠϯϨϕϧͰͷೝূ
 ʹߴ͍৴པੑ͕ٻΊΒΕΔ؀ڥͰ͸ෆ޲͖ ݸਓن໛اۀͰ΋։ൃ؀ڥͳͲͰ͸༗༻ ࣗݾॺ໊ূ໌ॻ 4UBSU$0. 8P4JHOˠͰ৽نൃߦఀࢭ -FU`T&ODSZQUˠࠓ೔ͷຊ୊

  13. -FU`T&ODSZQU w *43( *OUFSOFU4FDVSJUZ3FTFBSDI(SPVQ 
 ͕ӡӦ͢Δೝূہ w औಘɾߋ৽ͳͲͷखଓ͖͕ࣗಈԽ͞Ε͍ͯΔ w %7ূ໌ॻΛແྉͰར༻Մೳ

    w ূ໌ॻͷ༗ޮظݶ͸೔

  14. Ϩϯλϧαʔό֤ࣾͰͷ ରԠ΋ਐΉ w ϩϦϙοϓ w ΤοΫεαʔόʔ w ͘͞ΒͷϨϯλϧαʔό w ΧΰϠɾδϟύϯ

    ͳͲ ίϚϯυୟ͔ͣίϯτϩʔϧύωϧ͔Βૢ࡞Ͱ͖Δ৔߹΋

  15. "$.&ϓϩτίϧ "$.&ΫϥΠΞϯτ "$.&αʔό 8FCαʔό
 %/4αʔό υϝΠϯॴ༗ऀ ૢ࡞ νϟϨϯδཁٻ จࣈྻΛࢦఆ จࣈྻΛઃஔ

    ΞΫηεɾ֬ೝ υϝΠϯॴ༗ऀͷೝূ͔Βূ໌ॻͷൃߦ·ͰΛࣗಈԽ υϝΠϯॴ༗ऀʹจࣈྻΛ༩͑ɺ %/4αʔό΋͘͠͸8FCαʔόʹԠ౴ͤ͞Δ

  16. )551ೝূͱ%/4ೝূ υϝΠϯʹ595ϨίʔυΛ௥ՃͰ͖Δඞཁ͕͋Δ ֎෦ʹ8FCαʔόΛެ։͢Δඞཁ͕͋Δ %/4ೝূ )551ೝূ ֎෦ʹ8FCαʔόΛެ։͢Δඞཁ͕ͳ͍ ಺෦޲͚αΠτͳͲͰ΋࢖͑Δ ϫΠϧυΧʔυূ໌ॻͰ͸%/4ೝূඞਢ ݱࡏ

  17. ಋೖͯ͠ΈΔ w ZVN BQU౳ͷύοέʔδϚωʔδϟͰ؆୯ʹΠϯετʔ ϧ w QJQܦ༝Ͱ΋ΠϯετʔϧՄೳ w ֤छϓϥάΠϯ͕ॆ࣮ ެࣜਪ঑ΫϥΠΞϯτɿDFSUCPU

    IUUQTDFSUCPUF⒎PSHɹͰΞʔΩςΫνϟΛબ୒ˠ࠷దͳΠϯετʔϧํ๏

  18. XFCSPPUϓϥάΠϯ )551ೝূΛ؆୯ʹ͢ΔϓϥάΠϯ ೝূ༻จࣈྻͷϑΝΠϧΛಛఆͷύεʹ࡞੒ͯ͘͠ΕΔ DFSUCPUDFSUPOMZ XFCSPPU NϝʔϧΞυϨε BHSFFUPT NBOVBMQVCMJDJQMPHHJOHPL EUFTUPTBLFPOMJOF XVTSTIBSFOHJOYIUNM

    NBOVBMϓϥάΠϯͳ͠ EυϝΠϯ NϝʔϧΞυϨε ŠNBOVBMQVCMJDJQMPHHJOHPL*1ΞυϨε͕ه࿥͞ΕΔࣄʹಉҙ ŠBHSFFUPTن໿ʹಉҙ Xೝূ༻จࣈྻͷϑΝΠϧͷύεɹ ύεXFMMLOPXOBDNFDIBMMFOHF

  19. *.1035"/5/05&4 $POHSBUVMBUJPOT:PVSDFSUJpDBUFBOEDIBJOIBWFCFFOTBWFEBU FUDMFUTFODSZQUMJWFUFTUPTBLFPOMJOFGVMMDIBJOQFN :PVSLFZpMFIBTCFFOTBWFEBU FUDMFUTFODSZQUMJWFUFTUPTBLFPOMJOFQSJWLFZQFN :PVSDFSUXJMMFYQJSFPO5PPCUBJOBOFXPSUXFBLFE WFSTJPOPGUIJTDFSUJpDBUFJOUIFGVUVSF TJNQMZSVODFSUCPU BHBJO5POPOJOUFSBDUJWFMZSFOFX BMM

    PGZPVSDFSUJpDBUFT SVO DFSUCPUSFOFX *GZPVMJLF$FSUCPU QMFBTFDPOTJEFSTVQQPSUJOHPVSXPSLCZ %POBUJOHUP*43(-FUT&ODSZQUIUUQTMFUTFODSZQUPSHEPOBUF %POBUJOHUP&''IUUQTF⒎PSHEPOBUFMF

  20. ߋ৽΋؆୯ʹ DFSUCPUSFOFXίϚϯυ ༗ޮظݶ͕࢒Γ೔Λ੾͍ͬͯͨΒߋ৽ QPTUIPPLΦϓγϣϯͰ8FCαʔόΛϦϩʔυ͢Δͱศར DSPOͳͲͰఆظతʹ࣮ߦ͢Δ͜ͱͰظݶ੾ΕΛ๷ࢭ DFSUCPUSFOFXUJNFS 8FCαʔόͷϦϩʔυ͸FUDTZTDPOpHDFSUCPUͷ1045@)00,ʹ TZTUFNDUMFOBCMFŠOPXDFSUCPUSFOFXUJNFS TZTUFNEUJNFS༻ઃఆϑΝΠϧ͕༧ΊΠϯετʔϧ͞Ε͍ͯΔ

  21. ෳ਺υϝΠϯʹରͯ͠ ൃߦ͢Δ w 4"/4VCKFDU"MUFSOBUJWF/BNF w EΦϓγϣϯΛෳ਺͚ͭΔ͜ͱͰෳ਺υϝΠϯରԠͷূ ໌ॻʹͳΔˠҰ൪࠷ॳͷυϝΠϯ͕୅දʹͳΔ w 8FCαʔόͰɹXFMMLOPXOBDNFDIBMMFOHFɹΛ ಉ͡σΟϨΫτϦΛࢀর͢ΔΑ͏ʹ͢Δͱศར

    w ୔ࢁαϒυϝΠϯ௥Ճͯ͠؅ཧ͕໘౗
 ˠϫΠϧυΧʔυূ໌ॻ

  22. ϫΠϧυΧʔυূ໌ॻ ͲͷಉҰ֊૚αϒυϝΠϯʹରͯ͠΋࢖༻Ͱ͖Δূ໌ॻ FYBNQMFDPN XXXFYBNQMFDPN NBJMFYBNQMFDPN UFTUXXXFYBNQMFDPN ⭕ ❌ FYBNQMFDPN

  23. ϫΠϧυΧʔυূ໌ॻ w ʹ-FU`T&ODSZQU͕"$.&WͰରԠ w %/4ೝূ͕ඞཁ w TFSWFSΦϓγϣϯͰ"$.&Wαʔόͷࢦఆ͕ඞཁ

  24. ϫΠϧυΧʔυূ໌ॻͷ࢖͍ॴ αϒυϝΠϯ͕୔ࢁ͋Δ࣌ ؾ͔ͮΕͨ͘ͳ͍αϒυϝΠϯ͕ଘࡏ͢Δ࣌ IUUQTUXJUUFSDPN@ZZV@TUBUVT ͳͲ

  25. ϫΠϧυΧʔυূ໌ॻ Λऔಘͯ͠ΈΔ DFSUCPUDFSUPOMZNBOVBM E DSLCDP NϝʔϧΞυϨε BHSFFUPT ŠNBOVBMQVCMJDJQMPHHJOHPL QSFGFSSFEDIBMMFOHFTEOT ŠTFSWFSIUUQTBDNFWBQJMFUTFODSZQUPSHEJSFDUPSZ

    NBOVBMϓϥάΠϯͳ͠ EυϝΠϯ NϝʔϧΞυϨε NBOVBMQVCMJDJQMPHHJOHPL*1ΞυϨε͕ه࿥͞ΕΔࣄʹಉҙ QSFGFSSFEDIBMMFOHFTೝূํ๏ɹEOTඞਢ TFSWFSೝূαʔό"$.&Wαʔόඞਢ

  26. ίϚϯυग़ྗ 4BWJOHEFCVHMPHUPWBSMPHMFUTFODSZQUMFUTFODSZQUMPH 1MVHJOTTFMFDUFE"VUIFOUJDBUPSNBOVBM *OTUBMMFS/POF4UBSUJOHOFX)5514 DPOOFDUJPO  BDNFWBQJMFUTFODSZQUPSH0CUBJOJOHBOFXDFSUJpDBUF 1FSGPSNJOHUIFGPMMPXJOHDIBMMFOHFTEOTDIBMMFOHFGPSDSLCDP  1MFBTFEFQMPZB%/4595SFDPSEVOEFSUIFOBNF@BDNFDIBMMFOHFDSLCDP

    XJUIUIFGPMMPXJOHWBMVF NIM).'73WDFS/;6#5$$5MEQ5L:S5#)9BG,. #FGPSFDPOUJOVJOH WFSJGZUIFSFDPSEJTEFQMPZFE  1SFTT&OUFSUP$POUJOVF

  27. 595ϨίʔυΛखಈͰ௥Ճ

  28. 595ϨίʔυΛ൓өޙ *.1035"/5/05&4 $POHSBUVMBUJPOT:PVSDFSUJpDBUFBOEDIBJOIBWFCFFOTBWFEBU FUDMFUTFODSZQUMJWFDSLCDPGVMMDIBJOQFN :PVSLFZpMFIBTCFFOTBWFEBU FUDMFUTFODSZQUMJWFDSLCDPQSJWLFZQFN :PVSDFSUXJMMFYQJSFPO5PPCUBJOBOFXPSUXFBLFE WFSTJPOPGUIJTDFSUJpDBUFJOUIFGVUVSF TJNQMZSVODFSUCPU BHBJO5POPOJOUFSBDUJWFMZSFOFX

    BMM PGZPVSDFSUJpDBUFT SVO DFSUCPUSFOFX *GZPVMJLF$FSUCPU QMFBTFDPOTJEFSTVQQPSUJOHPVSXPSLCZ %POBUJOHUP*43(-FUT&ODSZQUIUUQTMFUTFODSZQUPSHEPOBUF %POBUJOHUP&''IUUQTF⒎PSHEPOBUFMF

  29. %/4ͷϓϥάΠϯ͕ศར w ূ໌ॻͷൃߦɾߋ৽࣌ʹ595ϨίʔυΛ௥Ճ͢Δͷ͸໘౗ w ϓϥάΠϯʹ೚ͤΔͱ͍͏ख΋͋Δ w DMPVEqBSF w EJHJUBMPDFBO w

    HPPHMFDMPVEEOT w "84SPVUF ͳͲछྨͷ%/4αʔϏε3'$ʹରԠ

  30. (PPHMF$MPVE%/4 Ͱ΍ͬͯΈͨ ʮ"1*ͱαʔϏεʯˠ ʮೝূ৘ใΛ࡞੒ʯˠ ʮαʔϏεΞΧ΢ϯτΩʔʯ ೝূ৘ใΛ+40/Ͱμ΢ϯϩʔυ +40/ϑΝΠϧͷύʔϛογϣϯΛʹมߋ

  31. EOTHPPHMFDSFEFOUJBMTΦϓγϣϯͰ+40/ϑΝΠϧΛࢦఆ͢Δ͚ͩ DFSUCPUDFSUPOMZ EOTHPPHMF EOTHPPHMFDSFEFOUJBMTdTFDSFUTDFSUCPUHPPHMFKTPO E LPCBOFU BHSFFUPT NϝʔϧΞυϨε TFSWFSIUUQTBDNFWBQJMFUTFODSZQUPSHEJSFDUPSZ NBOVBMQVCMJDJQMPHHJOHPL

    EOTHPPHMFΦϓγϣϯΛࢦఆ ύοέʔδϚωʔδϟͰDFSUCPUEOTHPPHMFΛΠϯετʔϧ ূ໌ॻൃߦ׬ྃʂ

  32. "843PVUF Ͱ΍ͬͯΈͨ ʮ*".ʯˠϢʔβʔΛ௥Ճ ʮ"NB[PO3PVUF%PNBJOT'VMM"DDFTTʯΛΞλον dBXTDPOpHʹ BXT@BDDFTT@LFZ@JEͱBXT@TFDSFU@BDDFTT@LFZΛ௥Ճ

  33. DFSUCPUDFSUPOMZ EOTSPVUF EPTBLFPOMJOF NϝʔϧΞυϨε BHSFFUPT NBOVBMQVCMJDJQMPHHJOHPL dBXTDPOpH͕ಡΈࠐ·Εɺ%/4ʹ595Ϩίʔυ͕௥Ճ͞ΕΔ ŠEOTSPVUFΦϓγϣϯΛ͚ͭΔ͚ͩ ূ໌ॻൃߦ׬ྃʂ

  34. ࠓޙରԠ༧ఆʁ w "[VSF%/4 w -JOPEF w ͘͞ΒͷΫϥ΢υ w (FIJSO%/4 w

    (PEBEEZ IUUQTHJUIVCDPNDFSUCPUDFSUCPUJTTVFT RJT"QS JT"PQFO MBCFM"BSFB" EOT ༗ࢤʹΑΓ13͕ग़͞Ε͍ͯΔ

  35. ·ͱΊ w -FU`T&ODSZQUΛ࢖͑͹ແྉɾखܰʹ
 44-ূ໌ॻΛར༻Ͱ͖Δ w ϫΠϧυΧʔυʹ΋ରԠͨ͠ͷͰߋʹ࢖͍΍͘͢ w %/4ϓϥάΠϯΛ࢖͑͹ΑΓ؆୯ʹ w ࣭໰ͳͲ͋Ε͹!DIBNBIBSVO·Ͱ

    w ࠙਌ձߦ͖·͢ʂ