Upgrade to Pro — share decks privately, control downloads, hide ads and more …

完全無料でワイルドカード証明書を手に入れよう / How to get wildcard certs without any charges

A86c914ae9d4b345a4962db71d1e186a?s=47 Ken Ojiri
August 23, 2019
Technology
0
150

完全無料でワイルドカード証明書を手に入れよう / How to get wildcard certs without any charges

2019年8月23日 TechLunch (NTTコミュニケーションズ 社内イベント) にて発表

A86c914ae9d4b345a4962db71d1e186a?s=128

Ken Ojiri

August 23, 2019
Tweet

Other Decks in Technology

See All in Technology
9e7a653ed313b3da4b263a772bfc5026?s=48 clustervr
0
160
Fdcc88b334334c866232fab429ccca33?s=48 lancers_pr
4
1.4k
569f10721398d92f5033097ac6d9132c?s=48 thockin
3
830
Dcbf2269af2483cabf43128ad1718c11?s=48 grapecity_dev
0
130
8b0e9a3684bd29ecece29db2582e38ae?s=48 norioikedo
0
210
969c5a27250be9de60627c88208e5665?s=48 mamix1116
3
390
0ff628872d7bd890507a43c7c20b1804?s=48 yshr1200
0
170
Cd931bc05e7cee46b9a950a63e47ba4c?s=48 you
0
270
C0c0e8e4d7f83912cb1b1a0699df82a5?s=48 miyakemito
1
520
3115a782126be714b5f94d24073c957d?s=48 oracle4engineer
2
100
4b2f3a64637b51e81813accbe8a98083?s=48 miura55
0
240
93c80c388fe9d8f9df7d030549a0ff0b?s=48 chaspy
6
1.2k

Featured

See All Featured
A60068bce2e73de3a37ca9d2dbe36092?s=48 bryan
31
3.4k
462dad0dd24c568a32dcdb0ae895ae1b?s=48 rasmusluckow
318
18k
053e75a5b48b44d6dd0612795dfb326d?s=48 notwaldorf
15
1.8k
1177e050db6bafe62885362edf6e3537?s=48 lauravandoore
11
1.5k
433acaea1012b25d97ae66da9b998dad?s=48 malarkey
119
16k
78b475797a14c84799063c7cd073962f?s=48 holman
288
130k
433acaea1012b25d97ae66da9b998dad?s=48 malarkey
192
8.6k
168ccec72eee0530b818d44f3fedaacf?s=48 shlominoach
176
7.5k
Ba530e786553390f3fb271848485681c?s=48 3n
163
22k
E195ae45320d9202eaa01c9f1d31a416?s=48 marktimemedia
7
390
D83926c323d4f9289f947b4b4e76b939?s=48 jensimmons
207
10k
1177e050db6bafe62885362edf6e3537?s=48 lauravandoore
437
28k

Transcript

  1. ׬શແྉͰ ϫΠϧυΧʔυূ໌ॻΛ खʹೖΕΑ͏  ඌ৲݈

  2. ϫΠϧυΧʔυূ໌ॻʁ 9W4VCKFDU"MUFSOBUJWF/BNF 4"/

  3. ͳͥϫΠϧυΧʔυূ໌ॻ͕ ΄͍͠ͷ͔ wࠓ͞Βฏจ)551ͳ8FCαʔϏεΛ ৽نΦʔϓϯ͢ΔͳΜͯ͋Γ͑ͳ͍ wຊ൪؀ڥ͚ͩͰͳ͘ɺ$*؀ڥ΍։ൃ ؀ڥ΋)5514Խ͍͕ͨ͠ɺ'2%/ຖ ʹূ໌ॻൃߦͳΜͯ΍ͬͯΒΕͳ͍

  4. ʮ׬શແྉͰϫΠϧυΧʔυ ূ໌ॻʯͷλω໌͔͠ wແྉυϝΠϯ 'SFFOPN wແྉ੩త8FCαΠτ(JU)VC1BHFT wແྉ%/4αʔό $MPVEqBSF%/4 wແྉ5-4ূ໌ॻ -FU`T&ODSZQU

  5. ແྉυϝΠϯ'SFFOPN freenom.com

  6. ແྉυϝΠϯ'SFFOPN w.tk .ml .ga .cf .gqͷ֤5-%Ͱɺ
 ηΧϯυϨϕϧ͕จࣈҎ্ͩͱແྉ w ʢྫʣgikai.ml͸ແྉɻntt.cf͸༗ྉ wυϝΠϯͷ༗ޮظؒ͸ʙϲ݄

    w Ԇ௕͸ظݶ੾Εͷिؒલ͔Βखଓ͖Մೳ w ແྉυϝΠϯ͸Ԇ௕ͯ͠΋ͻ͖͖ͭͮແྉ w%/4αʔό΋ఏڙ͍ͯ͠Δ͕
 %/4ϨίʔυΛૢ࡞͢Δ"1*͸ແ͍

  7. ແྉ੩త8FCαΠτ(JU)VC1BHFT

  8. ແྉ%/4αʔό$MPVEqBSF%/4 w%/4Ϩίʔυૢ࡞ʹ"1*΋࢖͑Δ ΋ͪΖΜ(6*΋Մ

  9. ແྉ5-4ূ໌ॻ-FU`T&ODSZQU w*43( *OUFSOFU4FDVSJUZ3FTFBSDI(SPVQ ͕
 ແྉͰఏڙ͢Δ5-4αʔόূ໌ॻൃߦαʔϏε w"$.& "VUPNBUFE$FSUJpDBUF.BOBHFNFOU&OWJSPONFOU ϓϩτίϧΛ༻͍ͯূ໌ॻൃߦϓϩηεΛࣗಈԽ wυϝΠϯ ݖҖ%/4αʔό্ͷ%/4Ϩίʔυ

    ͷ؅ཧݖݶͷ ॴ࣋Λ֬ೝ͢Δ͜ͱΛ΋ͬͯূ໌ॻൃߦՄೳͱ൑ఆ͢Δ ͍ΘΏΔυϝΠϯೝূ  w೥݄͔Β"$.&Wϓϩτίϧͷਖ਼ࣜαϙʔτʹΑΓ ϫΠϧυΧʔυূ໌ॻͷൃߦ΋Մೳʹ wূ໌ॻͷ༗ޮظؒ͸ൃߦޙ೔ؒ

  10. ແྉ5-4ূ໌ॻ-FU`T&ODSZQU ূ໌ॻͷ༗ޮظؒ͸ൃߦޙ೔ؒ w தؒূ໌ॻ͸-FU`T&ODSZQUࣗ਎ͷ$"ʹ Ճ͑ͯ*EFO5SVTU$"ʹΑͬͯ΋ॺ໊ w ΄ͱΜͲͷ8FCΫϥΠΞϯτ͸*EFO5SVTU ͷϧʔτ$"ূ໌ॻΛϓϦΠϯετʔϧɹ ‎Ϣʔβࣗ਎͕$"ূ໌ॻΛΠϯετʔϧ ͠ͳͯ͘΋0,

  11. υϝΠϯऔಘ͔Βূ໌ॻήοτ ·ͰͷྲྀΕ ᶃ 'SFFOPNͰυϝΠϯऔಘ ᶄ (JU)VCʹ੩త8FCαΠτίϯςϯπΛQVTI͠ɺ(JU)VC 1BHFTΛ༗ޮԽ ᶅ $MPVEqBSFͰαΠτొ࿥ˍ(JU)VC1BHFTͷΧελϜυϝ Πϯ༻%/4Ϩίʔυొ࿥

    ᶆ 'SFFOPNͰݖҖ%/4αʔόΛ$MPVEqBSF%/4ʹ੾Γସ͑ ᶇ -FU`T&ODSZQUͰ$MPVEqBSF%/4Λ࢖ͬͯϫΠϧυΧʔυ ূ໌ॻήοτ

  12. (JU)VC1BHFT

  13. ΧελϜυϝΠϯͰ
 (JU)VC1BHFTΛ࢖͓͏ͱ͢Δͱ

  14. υϝΠϯऔಘ͔Βূ໌ॻήοτ ·ͰͷྲྀΕ ᶃ 'SFFOPNͰυϝΠϯऔಘ ᶄ (JU)VCʹ੩త8FCαΠτίϯςϯπΛQVTI͠ɺ(JU)VC 1BHFTΛ༗ޮԽ ᶅ $MPVEqBSFͰαΠτొ࿥ˍ(JU)VC1BHFTͷΧελϜυϝ Πϯ༻%/4Ϩίʔυొ࿥

    ᶆ 'SFFOPNͰݖҖ%/4αʔόΛ$MPVEqBSF%/4ʹ੾Γସ͑ ᶇ -FU`T&ODSZQUͰ$MPVEqBSF%/4Λ࢖ͬͯϫΠϧυΧʔυ ূ໌ॻήοτ

  15. $MPVEqBSFͰαΠτొ࿥

  16. (JU)VC1BHFTͷ
 ΧελϜυϝΠϯ༻%/4Ϩίʔυొ࿥ w ͱ
 Ѽͷ
 %/4"ϨίʔυΛ౤ೖ w ͍ͣΕ΋$MPVEqBSF$%/Λ ௨ͯ͠ΞΫηε ˞೚ҙ

  17. υϝΠϯऔಘ͔Βূ໌ॻήοτ ·ͰͷྲྀΕ ᶃ 'SFFOPNͰυϝΠϯऔಘ ᶄ (JU)VCʹ੩త8FCαΠτίϯςϯπΛQVTI͠ɺ(JU)VC 1BHFTΛ༗ޮԽ ᶅ $MPVEqBSFͰαΠτొ࿥ˍ(JU)VC1BHFTͷΧελϜυϝ Πϯ༻%/4Ϩίʔυొ࿥

    ᶆ 'SFFOPNͰݖҖ%/4αʔόΛ$MPVEqBSF%/4ʹ੾Γସ͑ ᶇ -FU`T&ODSZQUͰ$MPVEqBSF%/4Λ࢖ͬͯϫΠϧυΧʔυ ূ໌ॻήοτ

  18. $MPVEqBSFΛ
 ݖҖ%/4αʔόʹ͢Δ

  19. ݖҖ%/4αʔόมߋ੒ޭ ˞มߋ׬ྃ·ͰԿ෼͔଴ͱ͏ʂ

  20. υϝΠϯऔಘ͔Βূ໌ॻήοτ ·ͰͷྲྀΕ ᶃ 'SFFOPNͰυϝΠϯऔಘ ᶄ (JU)VCʹ੩త8FCαΠτίϯςϯπΛQVTI͠ɺ(JU)VC 1BHFTΛ༗ޮԽ ᶅ $MPVEqBSFͰαΠτొ࿥ˍ(JU)VC1BHFTͷΧελϜυϝ Πϯ༻%/4Ϩίʔυొ࿥

    ᶆ 'SFFOPNͰݖҖ%/4αʔόΛ$MPVEqBSF%/4ʹ੾Γସ͑ ᶇ -FU`T&ODSZQUͰ$MPVEqBSF%/4Λ࢖ͬͯϫΠϧυΧʔυ ূ໌ॻήοτ

  21. -FU`T&ODSZQU͔Βূ໌ॻΛ ήοτ͢Δํ๏ w"$.&WΫϥΠΞϯτΛࣗ෼Ͱಈ͔͢ wͳΜ͔উखʹ΍ͬͯ͘ΕΔ wϓϩμΫτʹ૊Έࠐ·Ε͍ͯΔ ࠓճ͸ίϨ

  22. "$.&WΫϥΠΞϯτ https://letsencrypt.org/docs/client-options/ ࠓճ͸BDNFTIΛ࢖༻ wCBTIεΫϦϓτϕʔε wBMQJOFϕʔεͷ%PDLFSpMF͕ ͍͍ͭͯΔ w$MPVEqBSF%/4ͷ"1*ʹରԠ https://github.com/Neilpang/acme.sh

  23. $MPVEqBSF"1*Ωʔ

  24. BDNFTIͷ࢖͍ํ  ৽نൃߦ $ git clone https://github.com/Neilpang/acme.sh $ cd acme.sh

    $ docker build -t acme.sh . $ cd .. $ docker run -t --rm \ -e CF_Email='hoge@hoge.com' \ -e CF_Key=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \ -v $PWD:/acme.sh acme.sh \ --issue --dns dns_cf \ -d hogehoge.cf -d '*.hogehoge.cf' ద౰ͳ%PDLFSϗετʹ࡞ۀ༻σΟϨΫτϦΛ۷ͬͯɺ ͓΋ΉΖʹҎԼΛ࣮ߦ $MPVEqBSF"1*Ωʔ $MPVEqBSFΞΧ΢ϯτ*% ొ࿥ϝΞυ ϫΠϧυΧʔυΛࢦఆ

  25. ੜ੒͞ΕΔϑΝΠϧ $ tree . ├── account.conf ├── acme.sh │ ├──

    acme.sh │ ʲதུʳ ├── ca │ └── acme-v02.api.letsencrypt.org │ ├── account.json │ ├── account.key │ └── ca.conf └── hogehoge.cf ├── ca.cer ├── hogehoge.cf.cer ├── hogehoge.cf.conf ├── hogehoge.cf.csr ├── hogehoge.cf.csr.conf ├── hogehoge.cf.key └── fullchain.cer ൿີݤϑΝΠϧ ূ໌ॻνΣΠϯϑΝΠϧ ূ໌ॻϑΝΠϧ

  26. BDNFTIͷ࢖͍ํ  ߋ৽࠶ൃߦɾࢀরɾ࡟আ $ docker run -t --rm -v $PWD:/acme.sh

    \ acme.sh --renew-all $ docker run -t --rm -v $PWD:/acme.sh \ acme.sh --list $ docker run -t --rm -v $PWD:/acme.sh \ acme.sh --remove -d hogehoge.cf ʲࢀরʳ ʲߋ৽࠶ൃߦʳ˞༗ޮظؒ࢒Γ೔Λ੾ͬͨ΋ͷͷΈ"$.&࠶࣮ߦ ʲ࡟আʳ

  27. ʲ2ʳ
 αϒυϝΠϯͰ΋͍͚Δͷʁ $ docker run -t --rm \ -e CF_Email='hoge@hoge.com'

    \ -e CF_Key=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \ -v $PWD:/acme.sh acme.sh \ --issue --dns dns_cf \ -d sub.hogehoge.cf -d '*.sub.hogehoge.cf' ʲ"ʳ͑͑ɺ͍͚·͢ ˞ূ໌ॻΛ࣮ࡍʹ࢖͏ͱ͖͸ɺαϒυϝΠϯͷ%/4Ϩίʔυొ࿥ͳͲ͓๨Εͳ͘

  28. ෭࢈෺ w(JU)VCͰͪΌΜͱόʔδϣϯ؅ཧ͞Εɺ
 $%/΋࢖ͬͨɺܹ଎ͳ੩త8FCαΠτ wΠϯτϥωοτͰ࢖͏υϝΠϯͰ΋
 ࣗಈߋ৽ՄೳͳϫΠϧυΧʔυূ໌ॻ w*OUFSOFUSFBDIBCMFͳ8FCαʔό͕ͳͯ͘΋ɺ ݖҖ%/4αʔό͑͋͞Ε͹ূ໌ॻߋ৽͕Մೳ

  29. ͋Γ͕ͱ͏͍͟͝·ͨ͠