Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
SSl と仲良くなるやり方
Search
Sponsored
·
Ship Features Fearlessly
Turn features on and off without deploys. Used by thousands of Ruby developers.
→
mickey
September 09, 2016
Technology
1
3.7k
SSl と仲良くなるやり方
mickey
September 09, 2016
Tweet
Share
More Decks by mickey
See All by mickey
超Redisマスターになる話
happysiro
0
110
BINDからの卒業
happysiro
1
2.5k
Other Decks in Technology
See All in Technology
顧客との商談議事録をみんなで読んで顧客解像度を上げよう
shibayu36
0
300
登壇駆動学習のすすめ — CfPのネタの見つけ方と書くときに意識していること
bicstone
3
130
22nd ACRi Webinar - NTT Kawahara-san's slide
nao_sumikawa
0
100
Frontier Agents (Kiro autonomous agent / AWS Security Agent / AWS DevOps Agent) の紹介
msysh
3
180
仕様書駆動AI開発の実践: Issue→Skill→PRテンプレで 再現性を作る
knishioka
2
680
[CV勉強会@関東 World Model 読み会] Orbis: Overcoming Challenges of Long-Horizon Prediction in Driving World Models (Mousakhan+, NeurIPS 2025)
abemii
0
150
Agile Leadership Summit Keynote 2026
m_seki
1
670
StrandsとNeptuneを使ってナレッジグラフを構築する
yakumo
1
130
プロダクト成長を支える開発基盤とスケールに伴う課題
yuu26
4
1.4k
FinTech SREのAWSサービス活用/Leveraging AWS Services in FinTech SRE
maaaato
0
130
ファインディの横断SREがTakumi byGMOと取り組む、セキュリティと開発スピードの両立
rvirus0817
1
1.6k
AWS Network Firewall Proxyを触ってみた
nagisa53
1
240
Featured
See All Featured
End of SEO as We Know It (SMX Advanced Version)
ipullrank
3
3.9k
From π to Pie charts
rasagy
0
130
How to build a perfect <img>
jonoalderson
1
4.9k
Stewardship and Sustainability of Urban and Community Forests
pwiseman
0
110
The Illustrated Children's Guide to Kubernetes
chrisshort
51
51k
Self-Hosted WebAssembly Runtime for Runtime-Neutral Checkpoint/Restore in Edge–Cloud Continuum
chikuwait
0
340
Beyond borders and beyond the search box: How to win the global "messy middle" with AI-driven SEO
davidcarrasco
1
57
Exploring anti-patterns in Rails
aemeredith
2
250
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
234
17k
Introduction to Domain-Driven Design and Collaborative software design
baasie
1
590
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
12
1k
Optimising Largest Contentful Paint
csswizardry
37
3.6k
Transcript
ࡾπݡҰ(.01&1"#0JOD ϖύϘςοΫΧϯϑΝϨϯε 44-ͱྑ͘ͳΔΓํ
ΠϯϑϥΤϯδχΞ ࡾπݡҰ!NJDLFZ ٕज़෦Πϯϑϥάϧʔϓ
ΠϯϑϥΤϯδχΞ ࡾπݡҰ!NJDLFZ ٕज़෦Πϯϑϥάϧʔϓ
Χϥʔϛʔγϣοϓ
None
44-ͬͯͳΜͩΖ͏ʁ
None
44-Λར༻͢Δͱ
ใͷվ͟Μ
ใͷ౪Έݟ
Λ͙ࣄ͕Ͱ͖·͢
͜ΕΛͲ͏࣮ͬͯݱͨ͠ͷ͔ʁ
࣮ͷঢ়گ wαϒυϝΠϯͷৗ࣌44-Խ wATIPQQSPKQAυϝΠϯ ͨͱ͑ɼFYBNQMFTIPQ QSPKQ ͷৗ࣌44-ԽΛߦ͍·͢ wಠࣗυϝΠϯ FYBNQMFDPN ͷৗ࣌44-Խ wಠࣗυϝΠϯ
FYBNQMFDPN ͷৗ࣌44-Խ
શମͷߏ
ߏ Ҏલͷߏ ࠓͷߏ -PBE#BMBODFS "QQMJDBUJPO 4FSWFS "QQMJDBUJPO 4FSWFS -PBE#BMBODFS 3FWFSTF
1SPYZ 3FWFSTF 1SPYZ "QQMJDBUJPO 4FSWFS "QQMJDBUJPO 4FSWFS
-PBE#BMBODFS 3FWFSTF 1SPYZ 3FWFSTF 1SPYZ "QQMJDBUJPO 4FSWFS "QQMJDBUJPO 4FSWFS ಛ
-PBE#BMBODFS 3FWFSTF 1SPYZ 3FWFSTF 1SPYZ "QQMJDBUJPO 4FSWFS "QQMJDBUJPO 4FSWFS
1SPYZΛஔ͍ͨཧ༝ wେྔͷূ໌ॻΛཧͨ࣌͠ɼϝϞϦফඅྔ͕૿͑ͯ͠·͏ wେྔʹূ໌ॻΛಡΈࠐΉͷͰɼ̍ͭͷϓϩηε͋ͨΓ ͷϝϞϦফඅྔ͕૿͑·͢ ϓϩηε .BOBHFS ϓϩηε ϓϩηε
1SPYZΛஔ͍ͨཧ༝ w"QBDIFϦΫΤετ͝ͱʹɼϓϩηε͕૿͑·͢ wͳͷͰɼϓϩηε͕ଠ͍ͬͯΔͱશମͱͯ͠ϝϞϦফඅ ྔ͕૿͑·͢ ϓϩηε .BOBHFS ϓϩηε ϓϩηε
1SPYZΛஔ͍ͨཧ༝ wOHJOYͩͱɼ୯ҰͷϓϩηεͰϦΫΤετΛॲཧ͢Δํ ࣜͷͳͷͰɼϝϞϦফඅྔ͕૿͑·ͤΜ w·ͨɼࠓޙɼಠࣗυϝΠϯͷৗ࣌44-ରԠͰɼ OHY@NSVCZΛ༻͍ͨಈతͳূ໌ॻͷಡΈࠐΈΛߦ͍ͨ ͔͔ͬͨΒͰ͢
ͭͷΈ͕͋Γ·ͨ͠
ύϑΥʔϚϯε
ύϑΥʔϚϯεͷݒ೦ w1SPYZͷΦʔόʔϔου w1SPYZͱ"QQMJDBUJPOαʔόʔͷ௨৴͕༨ܭʹൃੜ͢Δࣄ ʹΑΔϨΠςϯγͷ૿Ճ w44-Խʹͱͳ͏Φʔόʔϔου w҉߸Խͱ෮߸ʹϦιʔεΛফඅ͢ΔࣄʹΑΔεϧʔϓοτͷ Լ w44-ͷηογϣϯͷཱ֬ʹΑΔϨΠςϯγͷ૿Ճ
ҰͭҰͭݕূ͍͖ͯ͠·ͨ͠
ݕূํ๏ wෛՙࢼݧΛ࣮ࢪ͠ɼεϧʔϓοτͱϨΠςϯγΛௐࠪ͠·ͨ͠ wෳͷαʔόʔ͔ΒෛՙΛ͔͚ΔͨΊɼ-0$645 IUUQ MPDVTUJP ͱ͍͏πʔϧΛ༻͍·ͨ͠
1SPYZʹΑΔΦʔόʔϔου w ݕূͨ݁͠Ռɼ΄ͱΜͲѱԽ ͠·ͤΜͰͨ͠ w 1SPYZͱ"QQMJDBUJPO4FSWFS ͕ಉ͡%$ʹ͔͋ͬͨΒͰ͢ -PBE#BMBODFS 3FWFSTF 1SPYZ
3FWFSTF 1SPYZ "QQMJDBUJPO 4FSWFS "QQMJDBUJPO 4FSWFS %BUB$FOUFS
҉߸Խ෮߸ԽʹΑΔΦʔόʔϔου wௐࠪͨ͠ͱ͜Ζɼ҉߸Խͱ෮߸Խʹ͙Β͍$16ར༻ ͕૿Ճ͢Δͱ͍͏͜ͱͰͨ͠ w࣮ࡍʹෛՙࢼݧΛͯ͠Έͨͱ͜Ζɼ1SPYZࣗମͷෛՙ͕େ ͖͘ͳΔ͜ͱ͋Γ·ͤΜͰͨ͠ IUUQTXXXJNQFSJBMWJPMFUPSHPWFSDMPDLJOHTTMIUNM
Γηογϣϯཱ֬ͷΦʔόʔϔου
ηογϣϯཱ֬ͷΦʔόʔϔου )551 44- )5514 GET / Client Server HTTP 3FTQPODF
Client Hello TLS/SSL Session Establish Client Server Server Hello Certificate Server Key Exchange Server Hello Done Client Key Exchange Change Cipher Spec Finished Change Cipher Spec Finished GET / HTTP 3FTQPODF
ͲͷΑ͏ʹղফͨ͠ͷ͔
4FTTJPO3FTVNQUJPO wҰཱ֬ͨ͠ηογϣϯΛ࠶ར༻͢ΔͨΊͷΈͰ͢ wҎԼͷछྨ͕͋Γ·͢ wαʔόʔଆͰηογϣϯใΛ֮͑Δํࣜ w4FTTJPO$BDIF wΫϥΠΞϯτଆͰηογϣϯใΛ֮͑Δํࣜ w4FTTJPO5JDLFU
4FTTJPO$BDIF w44-ͷηογϣϯͷཱ֬ʹඞཁͳใΛ$BDIF͢Δ ͷͰ͢ wෳͷαʔόʔΛར༻͢ΔͳΒɼԿΒ͔ͷํ๏Ͱ $BDIFΛڞ༗͢Δඞཁ͕͋Γ·͢ w/HJOYͰɼ͜ͷڞ༗ͷͨΊͷʹରԠ͍ͯ͠· ͤΜ
4FTTJPO5JDLFU w 4FSWFS͕อଘ͢ΔηογϣϯใΛ ҉߸Խͯ͠ɼΫϥΠΞϯτʹૹΓɼΫ ϥΠΞϯτ͕ηογϣϯΛΩϟογϡ ͢Δͱ͍͏ΈͰ͢ Client Hello TLS/SSL Session
Establish Client Server Server Hello Finished Finished New Session Ticket
4FTTJPO5JDLFU w࠶։͢Δ࣌ɼ w$MJFOU͕$MJFOU)FMMPͱͱ ʹ4FTTJPO5JDLFUΛ 4FSWFSʹૹΔ wͦͷޙɼෳ߹ͱݕূʹޭ͢ ΕηογϣϯΛ࠶։͢Δ Client Hello TLS/SSL
Session Establish Client Server Server Hello Change Cipher Spec Finished Change Cipher Spec Finished Session Ticket
4FTTJPO5JDLFULFZͷఆظతͳߋ৽ w4FTTJPO5JDLFULFZ͕࿙Ӯ͢Δͱɼ44-௨৴͕ղಡͰ͖ͯ͠· ͍·͢ w͜ͷͨΊɼ4FTTJPO5JDLFULFZɼఔͰߋ৽͢Δ͜ͱ͕ਪ ͞Ε͍ͯ·͢ wגࣜձࣾϝϧΧϦͷ$POTVMΛར༻ͨ͠ࣄྫΛࢀߟʹ̍ຖʹߋ ৽͍ͯ͠·͢ IUUQUFDINFSDBSJDPNFOUSZ
݁Ռ
ৗ࣌44-Խ͍ͯ͠ͳ͍αʔό ৗ࣌44-Խͨ͠αʔό ݱ࣮ͷύϑΥʔϚϯε w44-Խ͢ΔલͱಉͱϨΠςϯγʹͳΓ·ͨ͠
44-ͷධՁ w44-Λ҆શੑͳͲͰධՁͨ͠ͱ͜Ζɼ" Ͱͨ͠
·ͱΊ
·ͱΊ w44-ͱྑ͘͢Δʹ͍͔ͭ͘ͷίπ͕ඞ༻Ͱ͢ w͜ͷൃදͰɼେྔͷূ໌ॻΛѻ͏ͳΒɼOHJOYΛར༻ͨ͠΄͏͕ྑ͍͜ ͱ w·ͨɼOHY@NSVCZΛར༻͢Εɼಈతʹূ໌ॻΛಡΈࠐΊΔ͜ͱ wύϑΥʔϚϯεΛམͱ͞ͳ͍ͨΊʹ4FTTJPO5DJLFUΛར༻ͨ͠΄͏͕ྑ ͍ wʹ͍ͭͯհ͠·ͨ͠
ࠓޙ wಠࣗυϝΠϯʹ͓͚Δৗ࣌44-ͷఏڙʹ͚ɼ։ൃΛਐΊ ͍͖ͯ·͢ w·ͨɼͲ͔͜ͰɼಠࣗυϝΠϯͷ࣌ͷΛհͰ͖ͨΒͱ ࢥ͍·͢