Upgrade to Pro — share decks privately, control downloads, hide ads and more …

SSLって必要ですか〜Let's Encryptを試してみよう

Sponsored · Your Podcast. Everywhere. Effortlessly. Share. Educate. Inspire. Entertain. You do you. We'll handle the rest.
Avatar for sonson sonson
May 15, 2016
Programming
3
580

SSLって必要ですか〜Let's Encryptを試してみよう

SSLの必要性,Let's Encryptのちょっとした使い方について概観する.

Avatar for sonson

sonson

May 15, 2016
Tweet

More Decks by sonson

See All by sonson
計算グラフのJITコンパイラをLLVM on C++で作ろう
Avatar for sonson sonsongithub
2
610
LLVMでHalideみたいな計算グラフ+JITを作りたい
Avatar for sonson sonsongithub
0
1.5k
LLVM Tutorial 02 - わいわいswiftc
Avatar for sonson sonsongithub
1
440
LLVM Tutorial - わいわいswiftc
Avatar for sonson sonsongithub
0
340
How to make and publish a Swift playground book for iPad
Avatar for sonson sonsongithub
5
19k
Swiftで実装するHTML特殊文字の高速処理
Avatar for sonson sonsongithub
3
7.9k
First step of 3D touch
Avatar for sonson sonsongithub
0
670
Getting started with 3D Touch
Avatar for sonson sonsongithub
0
770

Other Decks in Programming

See All in Programming
AI時代の認知負荷との向き合い方
Avatar for OptFit Corp. optfit
0
140
そのAIレビュー、レビューしてますか? / Are you reviewing those AI reviews?
Avatar for r-kagaya rkaga
6
4.5k
インターン生でもAuth0で 認証基盤刷新が出来るのか
Avatar for takumi taku271
0
190
AIフル活用時代だからこそ学んでおきたい働き方の心得
Avatar for shinoyu shinoyu
0
130
Implementation Patterns
Avatar for Denys Poltorak denyspoltorak
0
280
ThorVG Viewer In VS Code
Avatar for Nor-s nors
0
760
フロントエンド開発の勘所 -複数事業を経験して見えた判断軸の違い-
Avatar for Yoichiro Kubo heimusu
7
2.8k
責任感のあるCloudWatchアラームを設計しよう
Avatar for アキキー akihisaikeda
3
160
AIで開発はどれくらい加速したのか?AIエージェントによるコード生成を、現場の評価と研究開発の評価の両面からdeep diveしてみる
Avatar for どすこい daisuketakeda
1
970
例外処理とどう使い分ける?Result型を使ったエラー設計 #burikaigi
Avatar for Takuma Kajikawa kajitack
16
6k
AIと一緒にレガシーに向き合ってみた
Avatar for nyafunta9858 nyafunta9858
0
160
AI時代のキャリアプラン「技術の引力」からの脱出と「問い」へのいざない / tech-gravity
Avatar for MinoDriven minodriven
20
6.6k

Featured

See All Featured
Cheating the UX When There Is Nothing More to Optimize - PixelPioneers
Avatar for Stéphanie Walter stephaniewalter
287
14k
Deep Space Network (abreviated)
Avatar for Tony Rice tonyrice
0
45
世界の人気アプリ100個を分析して見えたペイウォール設計の心得
Avatar for Akihiro Kokubo akihiro_kokubo
PRO
66
36k
How to train your dragon (web standard)
Avatar for Monica Dinculescu notwaldorf
97
6.5k
Measuring Dark Social's Impact On Conversion and Attribution
Avatar for Stephen Akadiri stephenakadiri
1
120
How to audit for AI Accessibility on your Front & Back End
Avatar for davetheseo davetheseo
0
180
Odyssey Design
Avatar for Ryan Kendrick rkendrick25
PRO
1
490
Getting science done with accelerated Python computing platforms
Avatar for Jacob Tomlinson jacobtomlinson
2
110
Understanding Cognitive Biases in Performance Measurement
Avatar for Philip Tellis bluesmoon
32
2.8k
brightonSEO & MeasureFest 2025 - Christian Goodrich - Winning strategies for Black Friday CRO & PPC
Avatar for Christian Goodrich cargoodrich
3
97
Code Review Best Practice
Avatar for Trisha Gee trishagee
74
20k
I Don’t Have Time: Getting Over the Fear to Launch Your Podcast
Avatar for Joe Casabona jcasabona
34
2.6k

Transcript

  1. ஌͍ͬͯΔਓ͸ίʔυॻ͍͍ͯͯͩ͘͞ Tech. Yuichi Yoshida Researcher, DENSO IT Laboratory, Inc. #yidev

    @sonson_twit © 2014 DENSO IT Laboratory, Inc., All rights reserved. Redistribution or public display not permitted without written permission from DENSO IT Laboratory, Inc. Let’s Encrypt~SSL~Autolayout

  2. ࣗݾ঺հ • sonson • twitter: sonson_twit • github: sonsongithub •

    portfolio • reddift(SwiftͰॻ͍ͨreddit.comͷAPIϥούʔ) • ࢓ࣄ • ը૾ೝࣝ/ݕࡧ/ͦΕΛ࢖ͬͨΞϓϦ • ػցֶशͷ͓ษڧͱ͔ॾʑͱ͔

  3. ࠓ೔ͷ಺༰ • SSLͬͯඞཁͰ͔͢ʙLet’s Encrypt • AutolayoutΛ࢖͍ͬͯΔ͕ɼԶ͸΋͏ݶք͔΋͠Εͳ͍

  4. SSLͬͯඞཁͰ͔͢ʁ Let’s EncryptͰ͍͍ͷ͔ɼѱ͍ͷ͔

  5. ໔੹ ͜ͷൃද಺༰͸ɼ٢ా༔ҰͷݸਓతͳݟղͰ͋Γɼ ॴଐ͢Δஂମ౳ͷެࣜతͳݟղͰ͸͋Γ·ͤΜɽ ·ͨຊൃද಺༰Λฉ͖ɼͦͷཧղʹج͍ͮͯͦͷຊਓ͕ ͱͬͨ೗ԿͳΔߦಈʹΑΔଛ֐౳ʹର͠ɼ੹೚Λෛ͍·ͤΜɽ Ҏ্ͷ͜ͱΛཧղͰ͖ͳ͍ਓɼ͋Δ͍͸ड͚ೖΕΒΕͳ͍ਓ ͸ຊൃදΛฉ͘͜ͱ͸͝ԕྀ͍ͩ͘͞ɽ

  6. None
  7. None

  8. എܠ • iOS9Ҏ߱ɼATSಋೖ͞ΕΔ • σϑΥϧτͰ͢΂ͯhttps௨৴ʹஔ͖׵͑ΒΕΔ • iOSͰ΋SSL͸جຊཁ݅ʹͳΓͭͭ͋Δ • ࣗ෼Ͱӡ༻͍ͯ͠ΔαʔόͷSSLରԠ •

    sonson.jp͸ɼgithub hostingҎ֎͸͢΂ͯSSL • 2tchͷόοΫΤϯυ΋৽͍͠όʔδϣϯ͸SSL • ͦΜͱ͖ʹ৭ʑษڧͨ͠ • ϝΠϯͷڵຯ͸RSA҉߸ͷ਺ֶͩͬͨΜ͕ͩ

  9. എܠ • ͖͔͚ͬ • LINE Bot API • LINE Bot

    API • SSL௨৴ඞਢ • Let’s Encryptͩͱ࢖͑ͳ͍ • AWS͔Β͸࢖͑Δ • SSLͷূ໌ॻ • Կͷҧ͍͕͋Δͷʁ • ҰମɼԿͷͨΊʹඞཁͳͷʁ

  10. SSLͷඞཁੑ • Wi-FiͷηΩϡϦςΟ໰୊ • httpsͰͳ͍ͱةݥ • DNSͷηΩϡϦςΟ໰୊ • ѱҙͷ͋ΔDNS໰୊ •

    ηΩϡΞͳDNS͕ͳ͔ͳ͔Ͱͯ͜ͳ͍ • httpͰDNS໊͚ͩͰ૬खΛ֬ೝ͢Δͷ͸ةݥ • DNSΫϥοΫʹΑΔͳΓ͢·͠໰୊

  11. ѱҙ͋ΔDNSͷڴҖ ΫϥΠΞϯτ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 1.1.1.1 bank.co.jp

  12. ѱҙ͋ΔDNSͷڴҖ ΫϥΠΞϯτ ͏ͦͬ͜ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 2.2.2.2

    bank.co.jp %/4ͷਖ਼౰ੑΛ νΣοΫ͢Δज़͕ͳ͍

  13. ҉߸௨৴ͷ3ཁ݅ • ൿಗ • ୭ʹ΋౪ΈݟΒΕͳ͍ • ׬શੑ • ୭ʹ΋վ᜵͞Εͳ͍ •

    ೝূ • ୭ʹ΋ͳΓ͢·͞Εͳ͍

  14. ࠓ೔ͷٕज़ͷݶք • ൿಗ • ૉҼ਺෼ղ͕࣮࣌ؒͰղ͔Εͳ͍ݶΓ҆શ • ׬શੑ • SHAͳͲͰ֬อͰ͖Δ •

    ೝূ • ࠓͷͱ͜Ζٕज़తʹղܾͰ͖͍ͯͳ͍

  15. ൿಗ • ެ։伴҉߸ํࣜ • RSA҉߸ • కΊΔ伴ɼ։͚Δ伴͕ҟͳΔ҉߸ํࣜ • 伴ͷ഑ૹ໰୊Λղܾͨ͠ʢ͍ͯ͠ΔʣͱݴΘΕΔ •

    ར༻͢Δ਺ֶ • ૉҼ਺෼ղ͕࣮࣌ؒͰܭࢉͰ͖ͳ͍ • ཭ࢄର਺͸࣮࣌ؒͰܭࢉͰ͖ͳ͍

  16. ׬શੑ • MD5, SHA • ͋Δσʔλͷϋογϡ஋Λ࡞Δ • MD5ͱαΠζͷখ͍͞SHA͸ةݥ • ϋογϡͷੑ࣭

    • σʔλΛೖΕΔͱϋογϡ஋͕ಘΒΕΔ • ೖྗ͕গ͠Ͱ΋มΘΔͱϋογϡ஋͸େ͖͘มΘΔ • σʔλΛվ᜵ͨ݁͠ՌʹରԠ͢Δϋογϡ஋Λ༧ଌ ͢Δ͜ͱ͸೉͍͠ • →ͭ·Γϋογϡ஋Λ֬ೝ͢Δͱվ᜵͞Ε͍ͯͳ͍ ͔Λ֬ೝͰ͖Δ

  17. ೝূ • ղܾ͢Δ਺ֶతͳ࢓૊Έ͸ະͩʹͳ͍

  18. ൿಗͱ׬શੑΛୡ੒ͯ͠΋ ૹ৴ऀ ड৴ऀ ҉߸Խσʔλ ൿಗ ҉߸Խ ׬શੑ վ᜵ෆՄ ड͚औΔ૬ख͕ ୭ͳͷ͔Θ͔Βͳ͍

    ߈ܸऀ

  19. ߈ܸྫ: man in the middle attack(MTM) ૹ৴ऀ தؒऀ ҉߸Խσʔλ ҉߸Խ

    վ᜵ෆՄ ۜߦ ҉߸Խσʔλ ೝূͷ࢓૊Έ͕ͳ͍ͱɼ୭ͱ௨৴͍ͯ͠Δ͔ͷ อূ͕ಘΒΕͳ͍

  20. ݱঢ়ͷରࡦʔSSLೝূہ • ೝূہ - Certificate Authority(CA)

  21. ݱঢ়ͷରࡦʔSSLೝূہ ΫϥΠΞϯτ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 1.1.1.1 bank.co.jp

    ೝূہ ূ໌ॻ ͦΕ͸ۜߦͷ ূ໌ॻͰ͢

  22. ݱঢ়ͷରࡦʔSSLೝূہ ΫϥΠΞϯτ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 2.2.2.2 bank.co.jp

    ೝূہ ূ໌ॻ ͦΕͩΕʁ

  23. OSXʹσϑΥϧτͰೖΔূ໌ॻ

  24. ΦϨΦϨূ໌͕μϝͳཧ༝ • man in the middle attack(MTM)ͷ㕒৯ • ͱ͸͍͑ɼMTM͘Βͬͯ΋͍͍ͬͯݴ͏ͳΒɼผ ʹΦϨΦϨূ໌ॻͰ΋Α͍ͱ͍͏͜ͱ

    • ΦϨΦϨূ໌ॻͰ͋ͬͯ΋ɼͦͷ૬खͱͷ௨৴ͷൿ ಗɼ׬શੑ͸อͨΕΔ

  25. ͳͥೝূ͕೉͍͠ͷ͔ • ʮ৴͡Δʯͱ͍͏͜ͱͷఆ͕ٛᐆດ͔ͩΒ

  26. ೝূہͷ৴༻ੑ https://www.jp.websecurity.symantec.com/repository/faq/class.html ৴༻ੑ͸ຊ౰ͷࣾձతͳ৴༻ੑΛಘΔͷͱ ಉ͡࢓૊ΈͰߏங͍ͯ͠Δ

  27. SSLূ໌ॻʹ͍ͭͯ • ೝূͷͨΊͷ࢓૊Έ • ҉߸Խͱ͔͸ɼࠜຊతʹ͸ؔ܎ͳ͍ • ࣮ࡍͷ࢓૊Έ্͋Δ͕ • ͏·͘ղܾ͢Δ޻ֶ/਺ֶతͳ࢓૊Έ͕ະͩͳ͍ •

    ೝূہɾূ໌ॻͷΫϥε • ೝূʹ͸͕͔͔ۚΔ • Let’s Encrypt΍StartSSLʹ͸৴པੑ͕଍Γͳ͍ • VerisignͳͲͷCLASS3͸৴པੑ͕ߴ͍ˠՁ֨΋ߴ͍

  28. Let’s Encrypt • ແྉͷSSLূ໌ॻ • ϝʔϧΞυϨεͷΈͷূ໌ • ࣗಈߋ৽ͷͨΊͷεΫϦϓτ΋഑෍͞Ε͍ͯΔ • https://github.com/certbot/certbot

    • ߋ৽ͷͨΊͷπʔϧ͕ͪΐͬͱલʹ͔Θͬͨ

  29. ࢓૊Έ • certbot͕Let’s Encryptͱ௨৴ͯ͠ূ໌ॻΛൃߦ • apacheͱnginx • ࣗಈͰূ໌ॻͷΠϯετʔϧ·Ͱ΍ΔΒ͍͠ • ಈ͔ͳ͍ͬͯBBSʹ͔͋ͬͨΒ࢖ͬͯͳ͍

    • webroot • ಛఆͷύεΛҰ࣌తʹ࢖͏ • letsencryptͷύεʹূ໌ॻ͕ίϐʔ͞ΕΔ • standalone • ಛఆͷϙʔτͰμΠϨΫτʹ௨৴͢ΔʢΒ͍͠ʣ • 80ͱ͔࢖͏ͷͰҰ࣌తʹαʔόΛด͡Δඞཁ͕͋Δ • manual • ڵຯͳ͍ͷͰݟͯͳ͍

  30. ͜Μ͚ͩͰΑ͍ ./letsencrypt-auto certonly --webroot \\ -w /var/www/example/ \\ -d www.example.com

  31. ৘ใ • ༗ޮظݶ • 90೔ • Let’s EncryptӡӦ͸60೔Ͱߋ৽͢Δ͜ͱΛਪ঑ • ੍ݶ

    • ͻͱͭͷIP͔ΒൃߦͰ͖ΔυϝΠϯ਺ • ͻͱͭͷIP͔ΒൃߦͰ͖Δূ໌ॻͷ਺ • ੍ݶ͸̓೔͘Β͍Ͱղআ͞ΕΔ • ೝূہͱͯ͠ • iOS/Windows/OSX౳ʹ͸৴༻͞Ε͍ͯΔ • ΫϥΠΞϯτʹΑͬͯ͸৴༻͍ͯ͠ͳ͍ͷͰཁ஫ҙ

  32. ࢀߟจݙ • ҉߸શൠ • ݁৓ߒ, ҉߸ٕज़ೖ໳ • RSA҉߸/ૉ਺पΓ • ϚʔΧεɾσϡɾιʔτΠ,ૉ਺ͷԻָ

    • ʴͦͷลͷେֶͷઌੜͷαΠτͳͲ

  33. AutolayoutΛ࢖͍ͬͯΔ͕ Զ͸΋͏ݶք͔΋͠Εͳ͍ GUIͷݶք

  34. ݱࡏ࡞ͬͯΔΞϓϦΛྫʹ

  35. Ϗϡʔͷ಺༁͸͜Μͳײ͡

  36. Έͳ͞ΜɼͲ͏΍ͬͯ࢖͍ͬͯ·͔͢ʁ • Storyboard • Storyboard + xib • ίʔυ

  37. Storyboard ͜ΜͳෳࡶͳϏϡʔΛGUI͔Β ࡞Δͱ͔ෆՄೳ 9999 +1001 3h sonson_twit imgur.com 11 images

    Just installed iOS 9.3 Beta without a developer account (iPhone 6S Plus), 3D Touch animation lag gone! Search Sketch 9:41 AM 100%

  38. Storyboard + xib ҙຯෆ໌ த਎͕Θ͔Βͳ͍

  39. ίʔυ ҙຯෆ໌ ͕ͩσβΠφ͕ ͍ͳ͍ͷͰͳΜͱ͔ͳΔ

  40. ίʔυ ҙຯෆ໌ ͕ͩσβΠφ͕ ͍ͳ͍ͷͰͳΜͱ͔ͳΔ Θ͚ͳ͍

  41. ͜͜Ͱɼٞ࿦͍ͨ͠ • AutolayoutɼࠓޙͲ͏͠·͔͢ʁ • Storyboard • Storyboard + xib •

    ίʔυ • Ή͠ΖɼAutolayout࢖Θͳ͍ • έʔε • ҰਓͰझຯͰॻ͘৔߹ • ਺ਓͷίʔσΟϯάɼن໛͸খ͍͞ • ҙঊ/UI/UXͷσβΠφ΋͍Δن໛ͷେ͖͍
  42. None

  43. ·ͱΊ • SSLʹ͍ͭͯͷ෮श • ऍᷟʹઆ๏Ͱ͢Έ·ͤΜ • ৴༻ʹ͸͓͕͔͔ۚΓ·͢ • SSL͕ԿͷͨΊʹඞཁ͔ɼৗʹߟ͑·͠ΐ͏ •

    Let’s Encryptͷ࢖͍ํʹ͍ͭͯ • Autolayout • ٧Μͩ