ACMを使ってWordPressをHTTPSに対応させてみる

Transcript

1. ؠాɹஐ࠸ ACMΛ࢖ͬͯWordPressΛHTTPSʹରԠͤͯ͞ΈΔ

2. ࣗݾ঺հ
    ؠాɹஐ࠸ wαʔόʔϨε։ൃ෦
   w೥݄ೖࣾ
   wࣾྺˍ"84ྺɹϲ݄໨
   wલ৬Ͱ͸-".1؀ڥͰͷ։ൃ౳Λܦݧ "QBDIF /HJOY΁ͷ44-ূ໌ॻ૊ࠐܦݧଟ਺

3. ࠓ೔࿩͢͜ͱɺ࿩͞ͳ͍͜ͱ
    w ࿩͢͜ͱ
   w "$.౳ɺ"84αʔϏεͷجૅ஌ࣝ
   w ࿩͞ͳ͍͜ͱ
   w

   "$.౳ɺ"84αʔϏεͷԠ༻஌ࣝ
   w "$.ͱ-FU`T
   &ODSZQUͷൺֱ
   w 8PSE1SFTTʹ͍ͭͯ

4. 
    AWSॳ৺ऀ޲͚ͱ͍͏͜ͱͰɺ Ҏޙొ৔͢Δ୯ޠʹ͍ͭͯ ؆୯ʹઆ໌͠·͢ɻ ͸͡Ίʹ

5. ొ৔͢Δ༻ޠͷ؆୯ͳઆ໌ᶃ
    w &$ "NB[PO
   &MBTUJD
   $PNQVUF
   $MPVE
   w Ծ૝αʔόʔఏڙαʔϏε
   w

   &-# &MBTUJD
   -PBE
   #BMBODJOH
   w ϩʔυόϥϯαʔͷϚωʔδυαʔϏε
   w 3PVUF
   w %/4αʔϏε
   w )PTUFE;POF
   w 3PVUFʹ͓͚ΔκʔϯϑΝΠϧͷΑ͏ͳ΋ͷ

6. ొ৔͢Δ༻ޠͷ؆୯ͳઆ໌ᶄ
   
    w "NB[PO
   "1*
   (BUFXBZ
   w "1*
   Λ࡞੒ɺӡ༻͢ΔͨΊͷϚωʔδυαʔϏε
   w "NB[PO
   $MPVE
   'SPOU
   w

   $%/ ίϯςϯπ഑৴ωοτϫʔΫ αʔϏε
   w "84
   &MBTUJD
   #FBOTUBML
   w ΞϓϦͷ౷߹؅ཧϓϥοτϑΥʔϜ &$ʴϛυϧ΢ΣΞ
   w "84
   ,FZ
   .BOBHFNFOU
   4FSWJDF
   w ҉߸ԽΩʔΛ࡞੒ɺ؅ཧ͢ΔϚωʔδυαʔϏε

7. 
    ຊ୊ʹೖΓ·͢

8. 
    ACM(AWS Certificate Manager)ͱ͸ʁ

9. 8IBU
   JT
   "$.
    w ύϒϦοΫূ໌ॻͷൃߦ
   w αʔυύʔςΟʔͷূ໌ॻΠϯϙʔτ
   w ϓϥΠϕʔτ$"ͷߏஙɺӡ༻ ˞෼͔Γ΍͢͞Λॏࢹͯ͠ɺ5-4ɾ44-ͷҧ͍౳ແࢹͯ͠ɺ

   44-ূ໌ॻͱ͍͏දݱΛ࢖͍·͢ɻ "84
   $FSUJpDBUF
   .BOBHFS 44-ূ໌ॻͷ؅ཧɺӡ༻Λߦ͏ ͨΊͷϚωʔδυαʔϏε

10. 8IBU
    JT
    "$.
     w ύϒϦοΫূ໌ॻͷൃߦ
    w αʔυύʔςΟʔͷূ໌ॻΠϯϙʔτ
    w ϓϥΠϕʔτ$"ͷߏஙɺӡ༻ ˞෼͔Γ΍͢͞Λॏࢹͯ͠ɺ5-4ɾ44-ͷҧ͍౳ແࢹͯ͠ɺ

    44-ূ໌ॻͱ͍͏දݱΛ࢖͍·͢ɻ "84
    $FSUJpDBUF
    .BOBHFS 44-ূ໌ॻͷ؅ཧɺӡ༻Λߦ͏ ͨΊͷϚωʔδυαʔϏε ࠓճ͸આ໌͠·ͤΜ

11. "$.ύϒϦοΫূ໌ॻͷಛ௃ᶃ
     "84ͷαʔϏεͱ૊Έ߹Θͤͯ࢖͏͜ͱͰɺ
    44-ূ໌ॻΛ ແྉͰར༻Ͱ͖·͢ɻ ൃߦͨ͠44-ূ໌ॻ͸༗ޮظݶ͕
    ੾ΕΔલʹ ࣗಈͰߋ৽͞Ε·͢ɻ

12. "$.ύϒϦοΫূ໌ॻͷಛ௃ᶄ
     ͭͷূ໌ॻʹෳ਺ͷυϝΠϯΛؚΊΔ͜ͱ͕Ͱ͖Δ ϫΠϧυΧʔυυϝΠϯʹ΋ରԠ %/4΋͘͠͸&ϝʔϧͰυϝΠϯ؅ཧऀͷݕূ͕Մೳ

13. "$.ͱ౷߹Ͱ͖ΔαʔϏε
     Elastic Load Balancing Amazon CloudFront Amazon API

    Gateway AWS Elastic Beanstalk "$.Ͱൃߦͨ͠ύϒϦοΫূ໌ॻ͸
    ԼهͷαʔϏεͰར༻Ͱ͖·͢ɻ

14. "$.ͱ౷߹͢Δࡍͷ஫ҙ఺
     $MPVE
    'SPOU΋͘͠͸
    ઃఆ࣍ୈͰ "1*
    (BUFXBZͰར༻͢Δ৔߹͸
    όʔδχΞϦʔδϣϯͰ44-ূ໌ॻΛ
    ൃߦ͢Δඞཁ͕͋Γ·͢ɻ
    ⚠

15. "$.ʹ͓͚Δൿີ伴ͷ؅ཧ
     "84
    ,.4 "84
    $FSUJpDBUF
    .BOBHFS w"$.͸"84
    ,.4Ͱ҉߸Խ͞Εͨൿີ伴Λอ࣋
    w֤αʔϏε͸,.4Λ࢖ͬͯ"$.ͷൿີ伴Λ෮߸Խͯ͠ར༻͢Δ ॳճͷϦΫΤετ࣌ʹ
    ΧελϚʔϚελʔΩʔΛ࡞੒ ΧελϚʔϚελʔΩʔͰ
    

    ൿີ伴Λ҉߸Խͯ͠อଘ

16. 
     ACMΛ࢖Θͳ͍ ҰൠతͳSSLূ໌ॻऔಘ&ߋ৽ͷྲྀΕ

17. Α͋͘Δূ໌ॻऔಘɾ૊ࠐͷྲྀΕᶃ
     ߪೖखଓ͖ ൿີ伴ͱ $43Λ
    ࡞੒ͯ͠ਃ੥ ৔߹ʹΑͬͯ͸
    ࡏ੶֬ೝ

18. Α͋͘Δূ໌ॻऔಘɾ૊ࠐͷྲྀΕᶄ
     ূ໌ॻൃߦ׬ྃ ূ໌ॻ഑ஔͱ
    8FCαʔόʔͷ
    ઃఆϑΝΠϧमਖ਼ υΩυΩ͠ͳ͕Β
    8FCαʔόʔͷ
    3FMPBE

19. Α͋͘Δূ໌ॻߋ৽ͷྲྀΕ
     ๨Εͨࠒʹ
    ΍͖ͬͯͯ ඍ͔ͳهԱΛཔΓʹ
    ࡞ۀΛ࣮ࢪ υΩυΩ͠ͳ͕Β
    8FCαʔόʔͷ
    3FMPBE

20. 44-ূ໌ॻಋೖɺߋ৽Ͱݏͩͬͨͱ͜Ζ
     w ূ໌ॻपΓͷઃఆϑΝΠϧͬͯͲ͏ॻ͘Μ͚ͩͬʁʁ
    w தؒূ໌ॻʁʁ
    w ߋ৽ͷ࣌ͬͯൿີ伴ͱ͔$43͸࡞Γ௚͢ʁʁ
    w

    ߋ৽͕ՆٳΈͷ॓୊తʹΪϦΪϦʹͳΓ͕ͪ
    w ಋೖɺߋ৽ͷࡍʹαʔϏεࢭ·Βͳ͍͔ෆ҆

21. 
     ACMΛ࢖͑͹ɺ ͜͏͍ͬͨෆ҆΍໘౗͝ͱ͔Β ղ์͞Ε·͢ʂʂ

22. "$.ͷ৔߹
     Ϛωδϝϯτίϯιʔϧ͔Βϙνϙνͱ
    ਺ΫϦοΫɾ਺λΠϓ
    ͢Δ͚ͩͰূ໌ॻ͕ൃߦՄೳʂʂ

23. 
     ࣮ࡍʹূ໌ॻΛऔಘͯ͠ ELBʹ૊ΈࠐΜͰΈ·͢

24. ߏங͢Δ؀ڥ
     Route53 Hosted Zone AWS Certificate Manager WordPress

    on EC2 Application Load Balancer

25. 
     ࠓճ͸࣌ؒͷ౎߹্ɺ WordPress؀ڥΛࣄલʹߏங͍ͯ͠·͢

26. ߏங͢Δ؀ڥ
     Route53 Hosted Zone AWS Certificate Manager WordPress

    on EC2 Application Load Balancer ίίҎ֎ߏஙࡁΈ

27. 
     σϞαΠτʹ)551ͰΞΫηε

28. 
     σϞαΠτʹ)5514ͰΞΫηε

29. 
     "$.μογϡϘʔυ

30. 
     ূ໌ॻͷϦΫΤετ

31. 
     υϝΠϯ໊ͷ௥Ճ

32. 
     ݕূํ๏ͷબ୒

33. 
     ֬ೝͱϦΫΤετ

34. 
     ݕূ

35. 
     ূ໌ॻҰཡ ͠͹Β͘͢Δͱ࢖༻Մೳʹʂ

36. 
     3PVUFͷ)PTUFE
    ;POF

37. 
     3PVUFͷ)PTUFE
    ;POF

38. 
     "-#ʹϦεφʔΛ௥Ճ

39. 
     "-#ʹϦεφʔΛ௥Ճ

40. 
     8PSE1SFTTͷઃఆΛมߋ

41. 
     8PSE1SFTTͷιʔεΛमਖ਼ XQJODMVEFTMPBEQIQ಺ͷJT@TTMΛमਖ਼

42. 
     )5514ରԠ׬ྃʂʂ

43. 
     3PVUFʹ࡞੒͞ΕͨϨίʔυ

44. 
     ͜ͷΑ͏ʹɺACMΛར༻͢Δ͜ͱͰ SSLূ໌ॻؔ࿈ͷ໘౗ͳӡ༻͔Β ղ์͞Ε·͢ʂʂ (͔͠΋ແྉ)

45. "$.Λར༻͢Δ্Ͱͷ஫ҙ఺
     ACMͰग़དྷͳ͍͜ͱ΋ɾɾɾ

46. 
     "$.ͰͰ͖ͳ͍͜ͱ w ύϒϦοΫ૊৫ೝূ 07 ɺ֦ுೝূ &7
    w

    υϝΠϯೝূ %7 ͷΈରԠ
    w &$΍ΦϯϓϨαʔόʔ΁ͷ44-ূ໌ॻͷ૊ࠐ
    w ઌ΄Ͳ঺հͨͭ͠ͷ"84αʔϏεͷΈͰར༻Մೳ

47. 
     ·ͱΊ ଟগͷલఏ৚݅͸͋Γ·͕͢ɺ
    ͏·͘ϋϚΕ͹ӡ༻ෛՙΛ
    େ͖͘Լ͛Δ͜ͱ͕ՄೳͰ͢ɻ

48. 
     ·ͱΊ "$.Λ׆༻ͯ͠
    շదͳ)5514ϥΠϑΛʂʂ

49. 
     ͝੩ௌ͋Γ͕ͱ͏͍͟͝·ͨ͠