Upgrade to Pro — share decks privately, control downloads, hide ads and more …

完全無料でワイルドカード証明書を手に入れよう / How to get wildcard certs without any charges

A86c914ae9d4b345a4962db71d1e186a?s=47 Ken Ojiri
August 23, 2019
Technology
0
160

完全無料でワイルドカード証明書を手に入れよう / How to get wildcard certs without any charges

2019年8月23日 TechLunch (NTTコミュニケーションズ 社内イベント) にて発表

A86c914ae9d4b345a4962db71d1e186a?s=128

Ken Ojiri

August 23, 2019
Tweet

Other Decks in Technology

See All in Technology
53850955f15249a1a9dc49df6113e400?s=48 line_developers
PRO
2
680
8fa31051503b09846584c49cd53d2f80?s=48 asei
12
2.6k
6bb0559d2066b868dab09e435f488c6c?s=48 tomoyuki
0
520
Cb88f765dd38cd942c39aacb5abbea06?s=48 ufoo68
0
100
Ad22fcf5773b906c08330f4d57242212?s=48 inductor
0
430
C4314fcb6d2bf1c2783b7d9050ec6665?s=48 shnjtk
1
580
E53046bb9794560f541fcf2cf0b9d526?s=48 sayokomiura
0
310
D8e79ab09f15e69d600c00131bf7d2a9?s=48 yfutamura
0
410
Cdfff9be12b12849f1eeb94b2196aca5?s=48 chizuchizu
1
270
98a2aff83d5731c9e153a3f221fc08ab?s=48 kazkanda
0
250
0b626efa067fc1732d0827b6ac1ca6e1?s=48 shoheiyamamoto
0
220
2cf373725ded741824c50fd571eda6e1?s=48 udzura
1
320

Featured

See All Featured
9cde37f47e4a800ea081ea42de8d749a?s=48 dougneiner
56
5.5k
Ecdea9b9714877b86cee08458f085481?s=48 trallard
17
900
B6a8f005f39d23ffc930508ac9da68b9?s=48 vanstee
118
4.9k
D8fc2580cfaca035f666d9e4ee79a7f7?s=48 mongodb
23
3.9k
170b760e0147792d0140e59ec78e9893?s=48 eitanlees
116
10k
433acaea1012b25d97ae66da9b998dad?s=48 malarkey
193
8.7k
7fa6101cd43067653cf4ac6c7ca54305?s=48 akmur
252
19k
56c4053438af8e8b90d6f53cbb7573be?s=48 jakevdp
776
200k
E76911cbe088e5b850d966de3fc7435b?s=48 robhawkes
53
2.9k
2bb923c57a1fdc3a2eb484bb8d565fd2?s=48 ufuk
57
5.5k
1f74b13f1e5c6c69cb5d7fbaabb1e2cb?s=48 sferik
612
55k
A60068bce2e73de3a37ca9d2dbe36092?s=48 bryan
101
11k

Transcript

  1. ׬શແྉͰ ϫΠϧυΧʔυূ໌ॻΛ खʹೖΕΑ͏  ඌ৲݈

  2. ϫΠϧυΧʔυূ໌ॻʁ 9W4VCKFDU"MUFSOBUJWF/BNF 4"/

  3. ͳͥϫΠϧυΧʔυূ໌ॻ͕ ΄͍͠ͷ͔ wࠓ͞Βฏจ)551ͳ8FCαʔϏεΛ ৽نΦʔϓϯ͢ΔͳΜͯ͋Γ͑ͳ͍ wຊ൪؀ڥ͚ͩͰͳ͘ɺ$*؀ڥ΍։ൃ ؀ڥ΋)5514Խ͍͕ͨ͠ɺ'2%/ຖ ʹূ໌ॻൃߦͳΜͯ΍ͬͯΒΕͳ͍

  4. ʮ׬શແྉͰϫΠϧυΧʔυ ূ໌ॻʯͷλω໌͔͠ wແྉυϝΠϯ 'SFFOPN wແྉ੩త8FCαΠτ(JU)VC1BHFT wແྉ%/4αʔό $MPVEqBSF%/4 wແྉ5-4ূ໌ॻ -FU`T&ODSZQU

  5. ແྉυϝΠϯ'SFFOPN freenom.com

  6. ແྉυϝΠϯ'SFFOPN w.tk .ml .ga .cf .gqͷ֤5-%Ͱɺ
 ηΧϯυϨϕϧ͕จࣈҎ্ͩͱແྉ w ʢྫʣgikai.ml͸ແྉɻntt.cf͸༗ྉ wυϝΠϯͷ༗ޮظؒ͸ʙϲ݄

    w Ԇ௕͸ظݶ੾Εͷिؒલ͔Βखଓ͖Մೳ w ແྉυϝΠϯ͸Ԇ௕ͯ͠΋ͻ͖͖ͭͮແྉ w%/4αʔό΋ఏڙ͍ͯ͠Δ͕
 %/4ϨίʔυΛૢ࡞͢Δ"1*͸ແ͍

  7. ແྉ੩త8FCαΠτ(JU)VC1BHFT

  8. ແྉ%/4αʔό$MPVEqBSF%/4 w%/4Ϩίʔυૢ࡞ʹ"1*΋࢖͑Δ ΋ͪΖΜ(6*΋Մ

  9. ແྉ5-4ূ໌ॻ-FU`T&ODSZQU w*43( *OUFSOFU4FDVSJUZ3FTFBSDI(SPVQ ͕
 ແྉͰఏڙ͢Δ5-4αʔόূ໌ॻൃߦαʔϏε w"$.& "VUPNBUFE$FSUJpDBUF.BOBHFNFOU&OWJSPONFOU ϓϩτίϧΛ༻͍ͯূ໌ॻൃߦϓϩηεΛࣗಈԽ wυϝΠϯ ݖҖ%/4αʔό্ͷ%/4Ϩίʔυ

    ͷ؅ཧݖݶͷ ॴ࣋Λ֬ೝ͢Δ͜ͱΛ΋ͬͯূ໌ॻൃߦՄೳͱ൑ఆ͢Δ ͍ΘΏΔυϝΠϯೝূ  w೥݄͔Β"$.&Wϓϩτίϧͷਖ਼ࣜαϙʔτʹΑΓ ϫΠϧυΧʔυূ໌ॻͷൃߦ΋Մೳʹ wূ໌ॻͷ༗ޮظؒ͸ൃߦޙ೔ؒ

  10. ແྉ5-4ূ໌ॻ-FU`T&ODSZQU ূ໌ॻͷ༗ޮظؒ͸ൃߦޙ೔ؒ w தؒূ໌ॻ͸-FU`T&ODSZQUࣗ਎ͷ$"ʹ Ճ͑ͯ*EFO5SVTU$"ʹΑͬͯ΋ॺ໊ w ΄ͱΜͲͷ8FCΫϥΠΞϯτ͸*EFO5SVTU ͷϧʔτ$"ূ໌ॻΛϓϦΠϯετʔϧɹ ‎Ϣʔβࣗ਎͕$"ূ໌ॻΛΠϯετʔϧ ͠ͳͯ͘΋0,

  11. υϝΠϯऔಘ͔Βূ໌ॻήοτ ·ͰͷྲྀΕ ᶃ 'SFFOPNͰυϝΠϯऔಘ ᶄ (JU)VCʹ੩త8FCαΠτίϯςϯπΛQVTI͠ɺ(JU)VC 1BHFTΛ༗ޮԽ ᶅ $MPVEqBSFͰαΠτొ࿥ˍ(JU)VC1BHFTͷΧελϜυϝ Πϯ༻%/4Ϩίʔυొ࿥

    ᶆ 'SFFOPNͰݖҖ%/4αʔόΛ$MPVEqBSF%/4ʹ੾Γସ͑ ᶇ -FU`T&ODSZQUͰ$MPVEqBSF%/4Λ࢖ͬͯϫΠϧυΧʔυ ূ໌ॻήοτ

  12. (JU)VC1BHFT

  13. ΧελϜυϝΠϯͰ
 (JU)VC1BHFTΛ࢖͓͏ͱ͢Δͱ

  14. υϝΠϯऔಘ͔Βূ໌ॻήοτ ·ͰͷྲྀΕ ᶃ 'SFFOPNͰυϝΠϯऔಘ ᶄ (JU)VCʹ੩త8FCαΠτίϯςϯπΛQVTI͠ɺ(JU)VC 1BHFTΛ༗ޮԽ ᶅ $MPVEqBSFͰαΠτొ࿥ˍ(JU)VC1BHFTͷΧελϜυϝ Πϯ༻%/4Ϩίʔυొ࿥

    ᶆ 'SFFOPNͰݖҖ%/4αʔόΛ$MPVEqBSF%/4ʹ੾Γସ͑ ᶇ -FU`T&ODSZQUͰ$MPVEqBSF%/4Λ࢖ͬͯϫΠϧυΧʔυ ূ໌ॻήοτ

  15. $MPVEqBSFͰαΠτొ࿥

  16. (JU)VC1BHFTͷ
 ΧελϜυϝΠϯ༻%/4Ϩίʔυొ࿥ w ͱ
 Ѽͷ
 %/4"ϨίʔυΛ౤ೖ w ͍ͣΕ΋$MPVEqBSF$%/Λ ௨ͯ͠ΞΫηε ˞೚ҙ

  17. υϝΠϯऔಘ͔Βূ໌ॻήοτ ·ͰͷྲྀΕ ᶃ 'SFFOPNͰυϝΠϯऔಘ ᶄ (JU)VCʹ੩త8FCαΠτίϯςϯπΛQVTI͠ɺ(JU)VC 1BHFTΛ༗ޮԽ ᶅ $MPVEqBSFͰαΠτొ࿥ˍ(JU)VC1BHFTͷΧελϜυϝ Πϯ༻%/4Ϩίʔυొ࿥

    ᶆ 'SFFOPNͰݖҖ%/4αʔόΛ$MPVEqBSF%/4ʹ੾Γସ͑ ᶇ -FU`T&ODSZQUͰ$MPVEqBSF%/4Λ࢖ͬͯϫΠϧυΧʔυ ূ໌ॻήοτ

  18. $MPVEqBSFΛ
 ݖҖ%/4αʔόʹ͢Δ

  19. ݖҖ%/4αʔόมߋ੒ޭ ˞มߋ׬ྃ·ͰԿ෼͔଴ͱ͏ʂ

  20. υϝΠϯऔಘ͔Βূ໌ॻήοτ ·ͰͷྲྀΕ ᶃ 'SFFOPNͰυϝΠϯऔಘ ᶄ (JU)VCʹ੩త8FCαΠτίϯςϯπΛQVTI͠ɺ(JU)VC 1BHFTΛ༗ޮԽ ᶅ $MPVEqBSFͰαΠτొ࿥ˍ(JU)VC1BHFTͷΧελϜυϝ Πϯ༻%/4Ϩίʔυొ࿥

    ᶆ 'SFFOPNͰݖҖ%/4αʔόΛ$MPVEqBSF%/4ʹ੾Γସ͑ ᶇ -FU`T&ODSZQUͰ$MPVEqBSF%/4Λ࢖ͬͯϫΠϧυΧʔυ ূ໌ॻήοτ

  21. -FU`T&ODSZQU͔Βূ໌ॻΛ ήοτ͢Δํ๏ w"$.&WΫϥΠΞϯτΛࣗ෼Ͱಈ͔͢ wͳΜ͔উखʹ΍ͬͯ͘ΕΔ wϓϩμΫτʹ૊Έࠐ·Ε͍ͯΔ ࠓճ͸ίϨ

  22. "$.&WΫϥΠΞϯτ https://letsencrypt.org/docs/client-options/ ࠓճ͸BDNFTIΛ࢖༻ wCBTIεΫϦϓτϕʔε wBMQJOFϕʔεͷ%PDLFSpMF͕ ͍͍ͭͯΔ w$MPVEqBSF%/4ͷ"1*ʹରԠ https://github.com/Neilpang/acme.sh

  23. $MPVEqBSF"1*Ωʔ

  24. BDNFTIͷ࢖͍ํ  ৽نൃߦ $ git clone https://github.com/Neilpang/acme.sh $ cd acme.sh

    $ docker build -t acme.sh . $ cd .. $ docker run -t --rm \ -e CF_Email='hoge@hoge.com' \ -e CF_Key=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \ -v $PWD:/acme.sh acme.sh \ --issue --dns dns_cf \ -d hogehoge.cf -d '*.hogehoge.cf' ద౰ͳ%PDLFSϗετʹ࡞ۀ༻σΟϨΫτϦΛ۷ͬͯɺ ͓΋ΉΖʹҎԼΛ࣮ߦ $MPVEqBSF"1*Ωʔ $MPVEqBSFΞΧ΢ϯτ*% ొ࿥ϝΞυ ϫΠϧυΧʔυΛࢦఆ

  25. ੜ੒͞ΕΔϑΝΠϧ $ tree . ├── account.conf ├── acme.sh │ ├──

    acme.sh │ ʲதུʳ ├── ca │ └── acme-v02.api.letsencrypt.org │ ├── account.json │ ├── account.key │ └── ca.conf └── hogehoge.cf ├── ca.cer ├── hogehoge.cf.cer ├── hogehoge.cf.conf ├── hogehoge.cf.csr ├── hogehoge.cf.csr.conf ├── hogehoge.cf.key └── fullchain.cer ൿີݤϑΝΠϧ ূ໌ॻνΣΠϯϑΝΠϧ ূ໌ॻϑΝΠϧ

  26. BDNFTIͷ࢖͍ํ  ߋ৽࠶ൃߦɾࢀরɾ࡟আ $ docker run -t --rm -v $PWD:/acme.sh

    \ acme.sh --renew-all $ docker run -t --rm -v $PWD:/acme.sh \ acme.sh --list $ docker run -t --rm -v $PWD:/acme.sh \ acme.sh --remove -d hogehoge.cf ʲࢀরʳ ʲߋ৽࠶ൃߦʳ˞༗ޮظؒ࢒Γ೔Λ੾ͬͨ΋ͷͷΈ"$.&࠶࣮ߦ ʲ࡟আʳ

  27. ʲ2ʳ
 αϒυϝΠϯͰ΋͍͚Δͷʁ $ docker run -t --rm \ -e CF_Email='hoge@hoge.com'

    \ -e CF_Key=XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX \ -v $PWD:/acme.sh acme.sh \ --issue --dns dns_cf \ -d sub.hogehoge.cf -d '*.sub.hogehoge.cf' ʲ"ʳ͑͑ɺ͍͚·͢ ˞ূ໌ॻΛ࣮ࡍʹ࢖͏ͱ͖͸ɺαϒυϝΠϯͷ%/4Ϩίʔυొ࿥ͳͲ͓๨Εͳ͘

  28. ෭࢈෺ w(JU)VCͰͪΌΜͱόʔδϣϯ؅ཧ͞Εɺ
 $%/΋࢖ͬͨɺܹ଎ͳ੩త8FCαΠτ wΠϯτϥωοτͰ࢖͏υϝΠϯͰ΋
 ࣗಈߋ৽ՄೳͳϫΠϧυΧʔυূ໌ॻ w*OUFSOFUSFBDIBCMFͳ8FCαʔό͕ͳͯ͘΋ɺ ݖҖ%/4αʔό͑͋͞Ε͹ূ໌ॻߋ৽͕Մೳ

  29. ͋Γ͕ͱ͏͍͟͝·ͨ͠