Upgrade to Pro — share decks privately, control downloads, hide ads and more …

Let's Encryptで始めるSSL証明書

chamaharun
July 07, 2018
Technology
1
240

Let's Encryptで始めるSSL証明書

OSC北海道2018で発表しました。
https://www.ospn.jp/osc2018-do/modules/eguide/event.php?eid=46

chamaharun

July 07, 2018
Tweet

More Decks by chamaharun

See All by chamaharun
さくらのVPSを支える技術とこれから / Technology behind SAKURA VPS and the future
chamaharun
5
5.4k
「さくらのVPS」のインフラと運用 / How we operate the Infrastructure of Sakura VPS
chamaharun
3
2.1k

Other Decks in Technology

See All in Technology
ゼロから始めるVue.jsコミュニティ貢献 / first-vuejs-community-contribution-link-and-motivation
lmi
1
130
Terraformあれやこれ/terraform-this-and-that
emiki
8
1.4k
VS CodeでAWSを操作しよう
smt7174
8
1.7k
一生覚えておきたい「システム開発=コミュニケーション」〜初めての実務案件振り返りLT〜
maimyyym
0
140
Google Cloud Next '24でブログを10本書いた方法と勉強会を沸かせた方法
yasumuusan
0
290
Kernel MemoryでAzure OpenAI Serviceとお手軽データソース連携
mitsuzono
1
250
JSON攻略法.pdf
miyakemito
8
5k
リテール金融(キャッシュレス・ネット銀行・ネット証券)の競争環境と経済圏
8maki
0
1.1k
MySQL の SQL クエリチューニングの要所を掴む勉強会
andpad
3
6.3k
Janus
bkuhlmann
1
490
ServiceNow Knowledge Learning Rise up
manarobot
0
210
ChatworkのSRE部って実は 半分くらいPlatform Engineering部かもしれない
saramune
0
160

Featured

See All Featured
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
20
1.9k
In The Pink: A Labor of Love
frogandcode
138
21k
Build your cross-platform service in a week with App Engine
jlugia
225
17k
What the flash - Photography Introduction
edds
64
11k
How to name files
jennybc
65
93k
"I'm Feeling Lucky" - Building Great Search Experiences for Today's Users (#IAC19)
danielanewman
221
21k
What's in a price? How to price your products and services
michaelherold
237
11k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
9
8.3k
Scaling GitHub
holman
457
140k
The Cost Of JavaScript in 2023
addyosmani
16
3.9k
KATA
mclloyd
15
12k
Pencils Down: Stop Designing & Start Developing
hursman
117
11k

Transcript

  1. -FUT&ODSZQU Ͱ࢝ΊΔ44-ূ໌ॻ খྛɹ޼ !DIBNBIBSVO

  2. ൃදऀ঺հ ΠϯϑϥΤϯδχΞ ๺ւಓग़਎04$೥໨ʢͨͿΜʣ ϗεςΟϯάܥاۀͰαʔόӡ༻Λ୲౰ ΠϥετਤղͰΑ͘Θ͔Δ *5Πϯϑϥͷجૅ஌ࣝ ˡܠ඼ʹ͋Γ·͢ʂ 4PGUXBSF%FTJHO
 ΤϐιʔυͰ֮͑Δ6/*9ίϚϯυ খྛɹ޼ʢ!DIBNBIBSVOʣ

  3. ͜Μͳهࣄॻ͖·ͨ͠ -FUT&ODSZQU DFSUCPU Λ࢖ͬͯϫΠϧυΧʔυূ໌ॻ͢Δʂ
 ͋ͱͪΐͬͱ 
 IUUQTRJJUBDPNDIBNBIBSVOJUFNTCDEDDGFCE -FUT&ODSZQU DFSUCPU ͰϫΠϧυΧʔυূ໌ॻͰ͖ͨ

    IUUQTRJJUBDPNDIBNBIBSVOJUFNTDCCBCDCD ʮϫΠϧυΧʔυ΍ͬͯΈͨʯܥͰ೔ຊॳ͔΋

  4. ࠓ೔͓఻͑͢Δ͜ͱ w -FUT`T&ODSZQUͱ͸ w -FU`T&ODSZQUͷ࢖͍Ͳ͜Ζ w -FU`T&ODSZQUΛ༻͍ͨ44-ূ໌ॻͷऔಘɾߋ৽ํ๏ w -FU`T&ODSZQUͷϫΠϧυΧʔυূ໌ॻରԠͱ
 %/4ϓϥάΠϯͷ঺հ

  5. ࠓ೔΍Βͳ͍͜ͱ w ҰاۀɾαʔϏεͷએ఻ɾ൷൑
 ͨͩ͠ɺศར͔ͩΒ౰ͨΓલʹͳͬͯཉ͍͠ɺ
 ͱ͍͏΋ͷΛআ͘  w 44-Λࢧ͑Δٕज़ͷࡉ͔͍෦෼ͷղઆ

  6. 44-ͬͯԿ͚ͩͬ w 44-4FDVSF4PDLFU-BZFS w ޙܧن֨5-45SBOTQPSU-BZFS4FDVSJUZ  w ௨৴Λ҉߸Խ͢Δ͜ͱʹΑΓ౪ௌɾվ͟Μʹڧ͍ϓϩτ ίϧ w

    )55144.514'514ͳͲɺैདྷͷϓϩτίϧΛ 4FDVSFʹ͢Δ໾ׂΛ୲͏

  7. ͳͥࠓ44-ͳͷ͔ w ηΩϡϦςΟҙࣝͷߴ·ΓʹΑΓ)5514͕౰ͨΓલʹͳ Γͭͭ͋Δ w Ͱʙͷීٴ཰
 HPPHMFௐ΂ɺϓϥοτϗʔϜผ  w DISPNF

    ϦϦʔε༧ఆ ͔Βશͯͷ)551 αΠτʹܯࠂ͕ग़ΔΑ͏ʹ IUUQTCMPHDISPNJVNPSHBTFDVSFXFCJTIFSFUPTUBZIUNM IUUQTUSBOTQBSFODZSFQPSUHPPHMFDPNIUUQTPWFSWJFX IMKB

  8. 44-ͷ࢓૊ΈΛ؆୯ʹ ϦΫΤετ ূ໌ॻɾެ։伴 伴ަ׵ ҆શͳ௨৴ ΫϥΠΞϯτ αʔό

  9. 44-ূ໌ॻ w ௨৴ઌͷαʔό͕ຊ෺Ͱ͋Δূ໌ w ೝূہʹΑΓൃߦ͞ΕΔ w छྨ͋Δ ӡӦऀ ೝূہ αʔό

    ਃ੥ɾࢧ෷͍ ೝূɾൃߦ ઃஔ ূ໌ॻ

  10. 44-ূ໌ॻ w ূ໌ॻࣗମͷূ໌΋ূ໌ॻʹΑΓݕূ͞ΕΔ w ֊૚ߏ଄ͷূ໌ॻʹϧʔτূ໌ॻ w ϧʔτূ໌ॻ͸௨ৗϒϥ΢βʹΠϯετʔϧ͞Ε͍ͯΔ w ֊૚ߏ଄ΛḷΕͳ͍ূ໌ॻʹ͸ܯࠂ͕ग़Δ αʔόͷূ໌ॻ

    தؒূ໌ॻ ϧʔτূ໌ॻ ূ໌ ূ໌

  11. 44-ূ໌ॻͷछྨͱՁ֨ ೝূ ͢Δ΋ͷ ৴པੑ Ձ֨ %7 υϝΠϯ ॴ༗ऀ ௿
 ਺ઍ

    07 ӡӦ૊৫
 ి࿩ͳͲ த
 ਺ສ &7 ӡӦ૊৫
 اۀ%#ͳͲ ߴ
 ਺ສ &7ূ໌ॻͰ͸ ΞυϨεόʔʹاۀ໊͕ೖΔ ֬ೝ͢Δ΋ͷ͕૿͑Δʹ࿈Ε ৴པੑɾՁ֨ɾೲظ૿

  12. ແྉͷ44-ূ໌ॻ ৴པੑ͸Ͳ͏ͳͷʁ ͲΜͳ΋ͷ͕͋Δͷʁ υϝΠϯϨϕϧͰͷೝূ
 ʹߴ͍৴པੑ͕ٻΊΒΕΔ؀ڥͰ͸ෆ޲͖ ݸਓن໛اۀͰ΋։ൃ؀ڥͳͲͰ͸༗༻ ࣗݾॺ໊ূ໌ॻ 4UBSU$0. 8P4JHOˠͰ৽نൃߦఀࢭ -FU`T&ODSZQUˠࠓ೔ͷຊ୊

  13. -FU`T&ODSZQU w *43( *OUFSOFU4FDVSJUZ3FTFBSDI(SPVQ 
 ͕ӡӦ͢Δೝূہ w औಘɾߋ৽ͳͲͷखଓ͖͕ࣗಈԽ͞Ε͍ͯΔ w %7ূ໌ॻΛແྉͰར༻Մೳ

    w ূ໌ॻͷ༗ޮظݶ͸೔

  14. Ϩϯλϧαʔό֤ࣾͰͷ ରԠ΋ਐΉ w ϩϦϙοϓ w ΤοΫεαʔόʔ w ͘͞ΒͷϨϯλϧαʔό w ΧΰϠɾδϟύϯ

    ͳͲ ίϚϯυୟ͔ͣίϯτϩʔϧύωϧ͔Βૢ࡞Ͱ͖Δ৔߹΋

  15. "$.&ϓϩτίϧ "$.&ΫϥΠΞϯτ "$.&αʔό 8FCαʔό
 %/4αʔό υϝΠϯॴ༗ऀ ૢ࡞ νϟϨϯδཁٻ จࣈྻΛࢦఆ จࣈྻΛઃஔ

    ΞΫηεɾ֬ೝ υϝΠϯॴ༗ऀͷೝূ͔Βূ໌ॻͷൃߦ·ͰΛࣗಈԽ υϝΠϯॴ༗ऀʹจࣈྻΛ༩͑ɺ %/4αʔό΋͘͠͸8FCαʔόʹԠ౴ͤ͞Δ

  16. )551ೝূͱ%/4ೝূ υϝΠϯʹ595ϨίʔυΛ௥ՃͰ͖Δඞཁ͕͋Δ ֎෦ʹ8FCαʔόΛެ։͢Δඞཁ͕͋Δ %/4ೝূ )551ೝূ ֎෦ʹ8FCαʔόΛެ։͢Δඞཁ͕ͳ͍ ಺෦޲͚αΠτͳͲͰ΋࢖͑Δ ϫΠϧυΧʔυূ໌ॻͰ͸%/4ೝূඞਢ ݱࡏ

  17. ಋೖͯ͠ΈΔ w ZVN BQU౳ͷύοέʔδϚωʔδϟͰ؆୯ʹΠϯετʔ ϧ w QJQܦ༝Ͱ΋ΠϯετʔϧՄೳ w ֤छϓϥάΠϯ͕ॆ࣮ ެࣜਪ঑ΫϥΠΞϯτɿDFSUCPU

    IUUQTDFSUCPUF⒎PSHɹͰΞʔΩςΫνϟΛબ୒ˠ࠷దͳΠϯετʔϧํ๏

  18. XFCSPPUϓϥάΠϯ )551ೝূΛ؆୯ʹ͢ΔϓϥάΠϯ ೝূ༻จࣈྻͷϑΝΠϧΛಛఆͷύεʹ࡞੒ͯ͘͠ΕΔ DFSUCPUDFSUPOMZ XFCSPPU NϝʔϧΞυϨε BHSFFUPT NBOVBMQVCMJDJQMPHHJOHPL EUFTUPTBLFPOMJOF XVTSTIBSFOHJOYIUNM

    NBOVBMϓϥάΠϯͳ͠ EυϝΠϯ NϝʔϧΞυϨε ŠNBOVBMQVCMJDJQMPHHJOHPL*1ΞυϨε͕ه࿥͞ΕΔࣄʹಉҙ ŠBHSFFUPTن໿ʹಉҙ Xೝূ༻จࣈྻͷϑΝΠϧͷύεɹ ύεXFMMLOPXOBDNFDIBMMFOHF

  19. *.1035"/5/05&4 $POHSBUVMBUJPOT:PVSDFSUJpDBUFBOEDIBJOIBWFCFFOTBWFEBU FUDMFUTFODSZQUMJWFUFTUPTBLFPOMJOFGVMMDIBJOQFN :PVSLFZpMFIBTCFFOTBWFEBU FUDMFUTFODSZQUMJWFUFTUPTBLFPOMJOFQSJWLFZQFN :PVSDFSUXJMMFYQJSFPO5PPCUBJOBOFXPSUXFBLFE WFSTJPOPGUIJTDFSUJpDBUFJOUIFGVUVSF TJNQMZSVODFSUCPU BHBJO5POPOJOUFSBDUJWFMZSFOFX BMM

    PGZPVSDFSUJpDBUFT SVO DFSUCPUSFOFX *GZPVMJLF$FSUCPU QMFBTFDPOTJEFSTVQQPSUJOHPVSXPSLCZ %POBUJOHUP*43(-FUT&ODSZQUIUUQTMFUTFODSZQUPSHEPOBUF %POBUJOHUP&''IUUQTF⒎PSHEPOBUFMF

  20. ߋ৽΋؆୯ʹ DFSUCPUSFOFXίϚϯυ ༗ޮظݶ͕࢒Γ೔Λ੾͍ͬͯͨΒߋ৽ QPTUIPPLΦϓγϣϯͰ8FCαʔόΛϦϩʔυ͢Δͱศར DSPOͳͲͰఆظతʹ࣮ߦ͢Δ͜ͱͰظݶ੾ΕΛ๷ࢭ DFSUCPUSFOFXUJNFS 8FCαʔόͷϦϩʔυ͸FUDTZTDPOpHDFSUCPUͷ1045@)00,ʹ TZTUFNDUMFOBCMFŠOPXDFSUCPUSFOFXUJNFS TZTUFNEUJNFS༻ઃఆϑΝΠϧ͕༧ΊΠϯετʔϧ͞Ε͍ͯΔ

  21. ෳ਺υϝΠϯʹରͯ͠ ൃߦ͢Δ w 4"/4VCKFDU"MUFSOBUJWF/BNF w EΦϓγϣϯΛෳ਺͚ͭΔ͜ͱͰෳ਺υϝΠϯରԠͷূ ໌ॻʹͳΔˠҰ൪࠷ॳͷυϝΠϯ͕୅දʹͳΔ w 8FCαʔόͰɹXFMMLOPXOBDNFDIBMMFOHFɹΛ ಉ͡σΟϨΫτϦΛࢀর͢ΔΑ͏ʹ͢Δͱศར

    w ୔ࢁαϒυϝΠϯ௥Ճͯ͠؅ཧ͕໘౗
 ˠϫΠϧυΧʔυূ໌ॻ

  22. ϫΠϧυΧʔυূ໌ॻ ͲͷಉҰ֊૚αϒυϝΠϯʹରͯ͠΋࢖༻Ͱ͖Δূ໌ॻ FYBNQMFDPN XXXFYBNQMFDPN NBJMFYBNQMFDPN UFTUXXXFYBNQMFDPN ⭕ ❌ FYBNQMFDPN

  23. ϫΠϧυΧʔυূ໌ॻ w ʹ-FU`T&ODSZQU͕"$.&WͰରԠ w %/4ೝূ͕ඞཁ w TFSWFSΦϓγϣϯͰ"$.&Wαʔόͷࢦఆ͕ඞཁ

  24. ϫΠϧυΧʔυূ໌ॻͷ࢖͍ॴ αϒυϝΠϯ͕୔ࢁ͋Δ࣌ ؾ͔ͮΕͨ͘ͳ͍αϒυϝΠϯ͕ଘࡏ͢Δ࣌ IUUQTUXJUUFSDPN@ZZV@TUBUVT ͳͲ

  25. ϫΠϧυΧʔυূ໌ॻ Λऔಘͯ͠ΈΔ DFSUCPUDFSUPOMZNBOVBM E DSLCDP NϝʔϧΞυϨε BHSFFUPT ŠNBOVBMQVCMJDJQMPHHJOHPL QSFGFSSFEDIBMMFOHFTEOT ŠTFSWFSIUUQTBDNFWBQJMFUTFODSZQUPSHEJSFDUPSZ

    NBOVBMϓϥάΠϯͳ͠ EυϝΠϯ NϝʔϧΞυϨε NBOVBMQVCMJDJQMPHHJOHPL*1ΞυϨε͕ه࿥͞ΕΔࣄʹಉҙ QSFGFSSFEDIBMMFOHFTೝূํ๏ɹEOTඞਢ TFSWFSೝূαʔό"$.&Wαʔόඞਢ

  26. ίϚϯυग़ྗ 4BWJOHEFCVHMPHUPWBSMPHMFUTFODSZQUMFUTFODSZQUMPH 1MVHJOTTFMFDUFE"VUIFOUJDBUPSNBOVBM *OTUBMMFS/POF4UBSUJOHOFX)5514 DPOOFDUJPO  BDNFWBQJMFUTFODSZQUPSH0CUBJOJOHBOFXDFSUJpDBUF 1FSGPSNJOHUIFGPMMPXJOHDIBMMFOHFTEOTDIBMMFOHFGPSDSLCDP  1MFBTFEFQMPZB%/4595SFDPSEVOEFSUIFOBNF@BDNFDIBMMFOHFDSLCDP

    XJUIUIFGPMMPXJOHWBMVF NIM).'73WDFS/;6#5$$5MEQ5L:S5#)9BG,. #FGPSFDPOUJOVJOH WFSJGZUIFSFDPSEJTEFQMPZFE  1SFTT&OUFSUP$POUJOVF

  27. 595ϨίʔυΛखಈͰ௥Ճ

  28. 595ϨίʔυΛ൓өޙ *.1035"/5/05&4 $POHSBUVMBUJPOT:PVSDFSUJpDBUFBOEDIBJOIBWFCFFOTBWFEBU FUDMFUTFODSZQUMJWFDSLCDPGVMMDIBJOQFN :PVSLFZpMFIBTCFFOTBWFEBU FUDMFUTFODSZQUMJWFDSLCDPQSJWLFZQFN :PVSDFSUXJMMFYQJSFPO5PPCUBJOBOFXPSUXFBLFE WFSTJPOPGUIJTDFSUJpDBUFJOUIFGVUVSF TJNQMZSVODFSUCPU BHBJO5POPOJOUFSBDUJWFMZSFOFX

    BMM PGZPVSDFSUJpDBUFT SVO DFSUCPUSFOFX *GZPVMJLF$FSUCPU QMFBTFDPOTJEFSTVQQPSUJOHPVSXPSLCZ %POBUJOHUP*43(-FUT&ODSZQUIUUQTMFUTFODSZQUPSHEPOBUF %POBUJOHUP&''IUUQTF⒎PSHEPOBUFMF

  29. %/4ͷϓϥάΠϯ͕ศར w ূ໌ॻͷൃߦɾߋ৽࣌ʹ595ϨίʔυΛ௥Ճ͢Δͷ͸໘౗ w ϓϥάΠϯʹ೚ͤΔͱ͍͏ख΋͋Δ w DMPVEqBSF w EJHJUBMPDFBO w

    HPPHMFDMPVEEOT w "84SPVUF ͳͲछྨͷ%/4αʔϏε3'$ʹରԠ

  30. (PPHMF$MPVE%/4 Ͱ΍ͬͯΈͨ ʮ"1*ͱαʔϏεʯˠ ʮೝূ৘ใΛ࡞੒ʯˠ ʮαʔϏεΞΧ΢ϯτΩʔʯ ೝূ৘ใΛ+40/Ͱμ΢ϯϩʔυ +40/ϑΝΠϧͷύʔϛογϣϯΛʹมߋ

  31. EOTHPPHMFDSFEFOUJBMTΦϓγϣϯͰ+40/ϑΝΠϧΛࢦఆ͢Δ͚ͩ DFSUCPUDFSUPOMZ EOTHPPHMF EOTHPPHMFDSFEFOUJBMTdTFDSFUTDFSUCPUHPPHMFKTPO E LPCBOFU BHSFFUPT NϝʔϧΞυϨε TFSWFSIUUQTBDNFWBQJMFUTFODSZQUPSHEJSFDUPSZ NBOVBMQVCMJDJQMPHHJOHPL

    EOTHPPHMFΦϓγϣϯΛࢦఆ ύοέʔδϚωʔδϟͰDFSUCPUEOTHPPHMFΛΠϯετʔϧ ূ໌ॻൃߦ׬ྃʂ

  32. "843PVUF Ͱ΍ͬͯΈͨ ʮ*".ʯˠϢʔβʔΛ௥Ճ ʮ"NB[PO3PVUF%PNBJOT'VMM"DDFTTʯΛΞλον dBXTDPOpHʹ BXT@BDDFTT@LFZ@JEͱBXT@TFDSFU@BDDFTT@LFZΛ௥Ճ

  33. DFSUCPUDFSUPOMZ EOTSPVUF EPTBLFPOMJOF NϝʔϧΞυϨε BHSFFUPT NBOVBMQVCMJDJQMPHHJOHPL dBXTDPOpH͕ಡΈࠐ·Εɺ%/4ʹ595Ϩίʔυ͕௥Ճ͞ΕΔ ŠEOTSPVUFΦϓγϣϯΛ͚ͭΔ͚ͩ ূ໌ॻൃߦ׬ྃʂ

  34. ࠓޙରԠ༧ఆʁ w "[VSF%/4 w -JOPEF w ͘͞ΒͷΫϥ΢υ w (FIJSO%/4 w

    (PEBEEZ IUUQTHJUIVCDPNDFSUCPUDFSUCPUJTTVFT RJT"QS JT"PQFO MBCFM"BSFB" EOT ༗ࢤʹΑΓ13͕ग़͞Ε͍ͯΔ

  35. ·ͱΊ w -FU`T&ODSZQUΛ࢖͑͹ແྉɾखܰʹ
 44-ূ໌ॻΛར༻Ͱ͖Δ w ϫΠϧυΧʔυʹ΋ରԠͨ͠ͷͰߋʹ࢖͍΍͘͢ w %/4ϓϥάΠϯΛ࢖͑͹ΑΓ؆୯ʹ w ࣭໰ͳͲ͋Ε͹!DIBNBIBSVO·Ͱ

    w ࠙਌ձߦ͖·͢ʂ