Upgrade to Pro — share decks privately, control downloads, hide ads and more …

SSLって必要ですか〜Let's Encryptを試してみよう

sonson
May 15, 2016
Programming
3
530

SSLって必要ですか〜Let's Encryptを試してみよう

SSLの必要性,Let's Encryptのちょっとした使い方について概観する.

sonson

May 15, 2016
Tweet

More Decks by sonson

See All by sonson
計算グラフのJITコンパイラをLLVM on C++で作ろう
sonsongithub
2
570
LLVMでHalideみたいな計算グラフ+JITを作りたい
sonsongithub
0
1.4k
LLVM Tutorial 02 - わいわいswiftc
sonsongithub
1
390
LLVM Tutorial - わいわいswiftc
sonsongithub
0
300
How to make and publish a Swift playground book for iPad
sonsongithub
5
19k
Swiftで実装するHTML特殊文字の高速処理
sonsongithub
3
7.7k
First step of 3D touch
sonsongithub
0
600
Getting started with 3D Touch
sonsongithub
0
690

Other Decks in Programming

See All in Programming
Serverless Rust: Your Low-Risk Entry Point to Rust in Production (and the benefits are huge)
lmammino
1
150
第3回関東Kaggler会_AtCoderはKaggleの役に立つ
chettub
3
1.2k
Honoとフロントエンドの 型安全性について
yodaka
7
1.5k
AIの力でお手軽Chrome拡張機能作り
taiseiue
0
190
複数のAWSアカウントから横断で 利用する Lambda Authorizer の作り方
tc3jp
0
120
.NET Frameworkでも汎用ホストが使いたい!
tomokusaba
0
200
『テスト書いた方が開発が早いじゃん』を解き明かす #phpcon_nagoya
o0h
PRO
9
2.5k
SwiftUI移行のためのインプレッショントラッキング基盤の構築
kokihirokawa
0
150
読まないコードリーディング術
hisaju
0
100
Visual StudioのGitHub Copilotでいろいろやってみる
tomokusaba
1
210
Learning Kotlin with detekt
inouehi
1
140
データの整合性を保つ非同期処理アーキテクチャパターン / Async Architecture Patterns
mokuo
55
19k

Featured

See All Featured
Being A Developer After 40
akosma
89
590k
Building a Modern Day 
E-commerce SEO Strategy
aleyda
38
7.1k
Docker and Python
trallard
44
3.3k
Agile that works and the tools we love
rasmusluckow
328
21k
Mobile First: as difficult as doing things right
swwweet
223
9.5k
Designing Experiences People Love
moore
140
23k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
100
18k
[RailsConf 2023 Opening Keynote] The Magic of Rails
eileencodes
28
9.3k
Put a Button on it: Removing Barriers to Going Fast.
kastner
60
3.7k
Chrome DevTools: State of the Union 2024 - Debugging React & Beyond
addyosmani
4
380
Building Your Own Lightsaber
phodgson
104
6.2k
Side Projects
sachag
452
42k

Transcript

  1. ஌͍ͬͯΔਓ͸ίʔυॻ͍͍ͯͯͩ͘͞ Tech. Yuichi Yoshida Researcher, DENSO IT Laboratory, Inc. #yidev

    @sonson_twit © 2014 DENSO IT Laboratory, Inc., All rights reserved. Redistribution or public display not permitted without written permission from DENSO IT Laboratory, Inc. Let’s Encrypt~SSL~Autolayout

  2. ࣗݾ঺հ • sonson • twitter: sonson_twit • github: sonsongithub •

    portfolio • reddift(SwiftͰॻ͍ͨreddit.comͷAPIϥούʔ) • ࢓ࣄ • ը૾ೝࣝ/ݕࡧ/ͦΕΛ࢖ͬͨΞϓϦ • ػցֶशͷ͓ษڧͱ͔ॾʑͱ͔

  3. ࠓ೔ͷ಺༰ • SSLͬͯඞཁͰ͔͢ʙLet’s Encrypt • AutolayoutΛ࢖͍ͬͯΔ͕ɼԶ͸΋͏ݶք͔΋͠Εͳ͍

  4. SSLͬͯඞཁͰ͔͢ʁ Let’s EncryptͰ͍͍ͷ͔ɼѱ͍ͷ͔

  5. ໔੹ ͜ͷൃද಺༰͸ɼ٢ా༔ҰͷݸਓతͳݟղͰ͋Γɼ ॴଐ͢Δஂମ౳ͷެࣜతͳݟղͰ͸͋Γ·ͤΜɽ ·ͨຊൃද಺༰Λฉ͖ɼͦͷཧղʹج͍ͮͯͦͷຊਓ͕ ͱͬͨ೗ԿͳΔߦಈʹΑΔଛ֐౳ʹର͠ɼ੹೚Λෛ͍·ͤΜɽ Ҏ্ͷ͜ͱΛཧղͰ͖ͳ͍ਓɼ͋Δ͍͸ड͚ೖΕΒΕͳ͍ਓ ͸ຊൃදΛฉ͘͜ͱ͸͝ԕྀ͍ͩ͘͞ɽ

  6. None
  7. None

  8. എܠ • iOS9Ҏ߱ɼATSಋೖ͞ΕΔ • σϑΥϧτͰ͢΂ͯhttps௨৴ʹஔ͖׵͑ΒΕΔ • iOSͰ΋SSL͸جຊཁ݅ʹͳΓͭͭ͋Δ • ࣗ෼Ͱӡ༻͍ͯ͠ΔαʔόͷSSLରԠ •

    sonson.jp͸ɼgithub hostingҎ֎͸͢΂ͯSSL • 2tchͷόοΫΤϯυ΋৽͍͠όʔδϣϯ͸SSL • ͦΜͱ͖ʹ৭ʑษڧͨ͠ • ϝΠϯͷڵຯ͸RSA҉߸ͷ਺ֶͩͬͨΜ͕ͩ

  9. എܠ • ͖͔͚ͬ • LINE Bot API • LINE Bot

    API • SSL௨৴ඞਢ • Let’s Encryptͩͱ࢖͑ͳ͍ • AWS͔Β͸࢖͑Δ • SSLͷূ໌ॻ • Կͷҧ͍͕͋Δͷʁ • ҰମɼԿͷͨΊʹඞཁͳͷʁ

  10. SSLͷඞཁੑ • Wi-FiͷηΩϡϦςΟ໰୊ • httpsͰͳ͍ͱةݥ • DNSͷηΩϡϦςΟ໰୊ • ѱҙͷ͋ΔDNS໰୊ •

    ηΩϡΞͳDNS͕ͳ͔ͳ͔Ͱͯ͜ͳ͍ • httpͰDNS໊͚ͩͰ૬खΛ֬ೝ͢Δͷ͸ةݥ • DNSΫϥοΫʹΑΔͳΓ͢·͠໰୊

  11. ѱҙ͋ΔDNSͷڴҖ ΫϥΠΞϯτ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 1.1.1.1 bank.co.jp

  12. ѱҙ͋ΔDNSͷڴҖ ΫϥΠΞϯτ ͏ͦͬ͜ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 2.2.2.2

    bank.co.jp %/4ͷਖ਼౰ੑΛ νΣοΫ͢Δज़͕ͳ͍

  13. ҉߸௨৴ͷ3ཁ݅ • ൿಗ • ୭ʹ΋౪ΈݟΒΕͳ͍ • ׬શੑ • ୭ʹ΋վ᜵͞Εͳ͍ •

    ೝূ • ୭ʹ΋ͳΓ͢·͞Εͳ͍

  14. ࠓ೔ͷٕज़ͷݶք • ൿಗ • ૉҼ਺෼ղ͕࣮࣌ؒͰղ͔Εͳ͍ݶΓ҆શ • ׬શੑ • SHAͳͲͰ֬อͰ͖Δ •

    ೝূ • ࠓͷͱ͜Ζٕज़తʹղܾͰ͖͍ͯͳ͍

  15. ൿಗ • ެ։伴҉߸ํࣜ • RSA҉߸ • కΊΔ伴ɼ։͚Δ伴͕ҟͳΔ҉߸ํࣜ • 伴ͷ഑ૹ໰୊Λղܾͨ͠ʢ͍ͯ͠ΔʣͱݴΘΕΔ •

    ར༻͢Δ਺ֶ • ૉҼ਺෼ղ͕࣮࣌ؒͰܭࢉͰ͖ͳ͍ • ཭ࢄର਺͸࣮࣌ؒͰܭࢉͰ͖ͳ͍

  16. ׬શੑ • MD5, SHA • ͋Δσʔλͷϋογϡ஋Λ࡞Δ • MD5ͱαΠζͷখ͍͞SHA͸ةݥ • ϋογϡͷੑ࣭

    • σʔλΛೖΕΔͱϋογϡ஋͕ಘΒΕΔ • ೖྗ͕গ͠Ͱ΋มΘΔͱϋογϡ஋͸େ͖͘มΘΔ • σʔλΛվ᜵ͨ݁͠ՌʹରԠ͢Δϋογϡ஋Λ༧ଌ ͢Δ͜ͱ͸೉͍͠ • →ͭ·Γϋογϡ஋Λ֬ೝ͢Δͱվ᜵͞Ε͍ͯͳ͍ ͔Λ֬ೝͰ͖Δ

  17. ೝূ • ղܾ͢Δ਺ֶతͳ࢓૊Έ͸ະͩʹͳ͍

  18. ൿಗͱ׬શੑΛୡ੒ͯ͠΋ ૹ৴ऀ ड৴ऀ ҉߸Խσʔλ ൿಗ ҉߸Խ ׬શੑ վ᜵ෆՄ ड͚औΔ૬ख͕ ୭ͳͷ͔Θ͔Βͳ͍

    ߈ܸऀ

  19. ߈ܸྫ: man in the middle attack(MTM) ૹ৴ऀ தؒऀ ҉߸Խσʔλ ҉߸Խ

    վ᜵ෆՄ ۜߦ ҉߸Խσʔλ ೝূͷ࢓૊Έ͕ͳ͍ͱɼ୭ͱ௨৴͍ͯ͠Δ͔ͷ อূ͕ಘΒΕͳ͍

  20. ݱঢ়ͷରࡦʔSSLೝূہ • ೝূہ - Certificate Authority(CA)

  21. ݱঢ়ͷରࡦʔSSLೝূہ ΫϥΠΞϯτ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 1.1.1.1 bank.co.jp

    ೝূہ ূ໌ॻ ͦΕ͸ۜߦͷ ূ໌ॻͰ͢

  22. ݱঢ়ͷରࡦʔSSLೝূہ ΫϥΠΞϯτ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 2.2.2.2 bank.co.jp

    ೝূہ ূ໌ॻ ͦΕͩΕʁ

  23. OSXʹσϑΥϧτͰೖΔূ໌ॻ

  24. ΦϨΦϨূ໌͕μϝͳཧ༝ • man in the middle attack(MTM)ͷ㕒৯ • ͱ͸͍͑ɼMTM͘Βͬͯ΋͍͍ͬͯݴ͏ͳΒɼผ ʹΦϨΦϨূ໌ॻͰ΋Α͍ͱ͍͏͜ͱ

    • ΦϨΦϨূ໌ॻͰ͋ͬͯ΋ɼͦͷ૬खͱͷ௨৴ͷൿ ಗɼ׬શੑ͸อͨΕΔ

  25. ͳͥೝূ͕೉͍͠ͷ͔ • ʮ৴͡Δʯͱ͍͏͜ͱͷఆ͕ٛᐆດ͔ͩΒ

  26. ೝূہͷ৴༻ੑ https://www.jp.websecurity.symantec.com/repository/faq/class.html ৴༻ੑ͸ຊ౰ͷࣾձతͳ৴༻ੑΛಘΔͷͱ ಉ͡࢓૊ΈͰߏங͍ͯ͠Δ

  27. SSLূ໌ॻʹ͍ͭͯ • ೝূͷͨΊͷ࢓૊Έ • ҉߸Խͱ͔͸ɼࠜຊతʹ͸ؔ܎ͳ͍ • ࣮ࡍͷ࢓૊Έ্͋Δ͕ • ͏·͘ղܾ͢Δ޻ֶ/਺ֶతͳ࢓૊Έ͕ະͩͳ͍ •

    ೝূہɾূ໌ॻͷΫϥε • ೝূʹ͸͕͔͔ۚΔ • Let’s Encrypt΍StartSSLʹ͸৴པੑ͕଍Γͳ͍ • VerisignͳͲͷCLASS3͸৴པੑ͕ߴ͍ˠՁ֨΋ߴ͍

  28. Let’s Encrypt • ແྉͷSSLূ໌ॻ • ϝʔϧΞυϨεͷΈͷূ໌ • ࣗಈߋ৽ͷͨΊͷεΫϦϓτ΋഑෍͞Ε͍ͯΔ • https://github.com/certbot/certbot

    • ߋ৽ͷͨΊͷπʔϧ͕ͪΐͬͱલʹ͔Θͬͨ

  29. ࢓૊Έ • certbot͕Let’s Encryptͱ௨৴ͯ͠ূ໌ॻΛൃߦ • apacheͱnginx • ࣗಈͰূ໌ॻͷΠϯετʔϧ·Ͱ΍ΔΒ͍͠ • ಈ͔ͳ͍ͬͯBBSʹ͔͋ͬͨΒ࢖ͬͯͳ͍

    • webroot • ಛఆͷύεΛҰ࣌తʹ࢖͏ • letsencryptͷύεʹূ໌ॻ͕ίϐʔ͞ΕΔ • standalone • ಛఆͷϙʔτͰμΠϨΫτʹ௨৴͢ΔʢΒ͍͠ʣ • 80ͱ͔࢖͏ͷͰҰ࣌తʹαʔόΛด͡Δඞཁ͕͋Δ • manual • ڵຯͳ͍ͷͰݟͯͳ͍

  30. ͜Μ͚ͩͰΑ͍ ./letsencrypt-auto certonly --webroot \\ -w /var/www/example/ \\ -d www.example.com

  31. ৘ใ • ༗ޮظݶ • 90೔ • Let’s EncryptӡӦ͸60೔Ͱߋ৽͢Δ͜ͱΛਪ঑ • ੍ݶ

    • ͻͱͭͷIP͔ΒൃߦͰ͖ΔυϝΠϯ਺ • ͻͱͭͷIP͔ΒൃߦͰ͖Δূ໌ॻͷ਺ • ੍ݶ͸̓೔͘Β͍Ͱղআ͞ΕΔ • ೝূہͱͯ͠ • iOS/Windows/OSX౳ʹ͸৴༻͞Ε͍ͯΔ • ΫϥΠΞϯτʹΑͬͯ͸৴༻͍ͯ͠ͳ͍ͷͰཁ஫ҙ

  32. ࢀߟจݙ • ҉߸શൠ • ݁৓ߒ, ҉߸ٕज़ೖ໳ • RSA҉߸/ૉ਺पΓ • ϚʔΧεɾσϡɾιʔτΠ,ૉ਺ͷԻָ

    • ʴͦͷลͷେֶͷઌੜͷαΠτͳͲ

  33. AutolayoutΛ࢖͍ͬͯΔ͕ Զ͸΋͏ݶք͔΋͠Εͳ͍ GUIͷݶք

  34. ݱࡏ࡞ͬͯΔΞϓϦΛྫʹ

  35. Ϗϡʔͷ಺༁͸͜Μͳײ͡

  36. Έͳ͞ΜɼͲ͏΍ͬͯ࢖͍ͬͯ·͔͢ʁ • Storyboard • Storyboard + xib • ίʔυ

  37. Storyboard ͜ΜͳෳࡶͳϏϡʔΛGUI͔Β ࡞Δͱ͔ෆՄೳ 9999 +1001 3h sonson_twit imgur.com 11 images

    Just installed iOS 9.3 Beta without a developer account (iPhone 6S Plus), 3D Touch animation lag gone! Search Sketch 9:41 AM 100%

  38. Storyboard + xib ҙຯෆ໌ த਎͕Θ͔Βͳ͍

  39. ίʔυ ҙຯෆ໌ ͕ͩσβΠφ͕ ͍ͳ͍ͷͰͳΜͱ͔ͳΔ

  40. ίʔυ ҙຯෆ໌ ͕ͩσβΠφ͕ ͍ͳ͍ͷͰͳΜͱ͔ͳΔ Θ͚ͳ͍

  41. ͜͜Ͱɼٞ࿦͍ͨ͠ • AutolayoutɼࠓޙͲ͏͠·͔͢ʁ • Storyboard • Storyboard + xib •

    ίʔυ • Ή͠ΖɼAutolayout࢖Θͳ͍ • έʔε • ҰਓͰझຯͰॻ͘৔߹ • ਺ਓͷίʔσΟϯάɼن໛͸খ͍͞ • ҙঊ/UI/UXͷσβΠφ΋͍Δن໛ͷେ͖͍
  42. None

  43. ·ͱΊ • SSLʹ͍ͭͯͷ෮श • ऍᷟʹઆ๏Ͱ͢Έ·ͤΜ • ৴༻ʹ͸͓͕͔͔ۚΓ·͢ • SSL͕ԿͷͨΊʹඞཁ͔ɼৗʹߟ͑·͠ΐ͏ •

    Let’s Encryptͷ࢖͍ํʹ͍ͭͯ • Autolayout • ٧Μͩ