Upgrade to Pro — share decks privately, control downloads, hide ads and more …

SSLって必要ですか〜Let's Encryptを試してみよう

Avatar for sonson sonson
May 15, 2016
Programming
3
550

SSLって必要ですか〜Let's Encryptを試してみよう

SSLの必要性,Let's Encryptのちょっとした使い方について概観する.
Avatar for sonson

sonson

May 15, 2016
Tweet

More Decks by sonson

See All by sonson
計算グラフのJITコンパイラをLLVM on C++で作ろう
Avatar for sonson sonsongithub
2
580
LLVMでHalideみたいな計算グラフ+JITを作りたい
Avatar for sonson sonsongithub
0
1.4k
LLVM Tutorial 02 - わいわいswiftc
Avatar for sonson sonsongithub
1
410
LLVM Tutorial - わいわいswiftc
Avatar for sonson sonsongithub
0
320
How to make and publish a Swift playground book for iPad
Avatar for sonson sonsongithub
5
19k
Swiftで実装するHTML特殊文字の高速処理
Avatar for sonson sonsongithub
3
7.8k
First step of 3D touch
Avatar for sonson sonsongithub
0
630
Getting started with 3D Touch
Avatar for sonson sonsongithub
0
720

Other Decks in Programming

See All in Programming
FormFlow - Build Stunning Multistep Forms
Avatar for Yonel Ceruto González yceruto
1
160
関数型まつり2025登壇資料「関数プログラミングと再帰」
Avatar for Taison Tsukada taisontsukada
2
800
try-catchを使わないエラーハンドリング!? PHPでResult型の考え方を取り入れてみよう
Avatar for Takuma Kajikawa kajitack
3
500
Enterprise Web App. Development (2): Version Control Tool Training Ver. 5.1
Avatar for Koichi NAKAGAWA knakagawa
1
110
型付きアクターモデルがもたらす分散シミュレーションの未来
Avatar for Takatomo Torigoe piyo7
0
760
Webからモバイルへ Vue.js × Capacitor 活用事例
Avatar for Naoki Haba naokihaba
0
550
ReadMoreTextView
Avatar for Sungyong An fornewid
1
370
RubyKaigiで得られる10の価値 〜Ruby話を聞くことだけが RubyKaigiじゃない〜
Avatar for tomohiko.kuzuba tomohiko9090
0
140
Create a website using Spatial Web
Avatar for Akio Itaya akkeylab
0
270
人には人それぞれのサービス層がある
Avatar for shimabox shimabox
3
670
The Evolution of Enterprise Java with Jakarta EE 11 and Beyond
Avatar for ivargrimstad ivargrimstad
1
650
AWS CDKの推しポイント 〜CloudFormationと比較してみた〜
Avatar for アキキー akihisaikeda
3
230

Featured

See All Featured
Being A Developer After 40
Avatar for Adrian Kosmaczewski akosma
90
590k
Why Our Code Smells
Avatar for Brandon Keepers bkeepers
PRO
337
57k
For a Future-Friendly Web
Avatar for Brad Frost brad_frost
179
9.8k
Build your cross-platform service in a week with App Engine
Avatar for Jose L jlugia
231
18k
Easily Structure & Communicate Ideas using Wireframe
Avatar for Afnizar Nur Ghifari afnizarnur
194
16k
VelocityConf: Rendering Performance Case Studies
Avatar for Addy Osmani addyosmani
329
24k
The Pragmatic Product Professional
Avatar for Laura Van Doore lauravandoore
35
6.7k
Refactoring Trust on Your Teams (GOTO; Chicago 2020)
Avatar for Rebecca Miller-Webster rmw
34
3k
GraphQLとの向き合い方2022年版
Avatar for Yosuke Kurami quramy
46
14k
Build The Right Thing And Hit Your Dates
Avatar for Maggie C. maggiecrowley
36
2.7k
The Cost Of JavaScript in 2023
Avatar for Addy Osmani addyosmani
50
8.3k
Typedesign – Prime Four
Avatar for Hannes Fritz hannesfritz
42
2.7k

Transcript

  1. ஌͍ͬͯΔਓ͸ίʔυॻ͍͍ͯͯͩ͘͞ Tech. Yuichi Yoshida Researcher, DENSO IT Laboratory, Inc. #yidev

    @sonson_twit © 2014 DENSO IT Laboratory, Inc., All rights reserved. Redistribution or public display not permitted without written permission from DENSO IT Laboratory, Inc. Let’s Encrypt~SSL~Autolayout

  2. ࣗݾ঺հ • sonson • twitter: sonson_twit • github: sonsongithub •

    portfolio • reddift(SwiftͰॻ͍ͨreddit.comͷAPIϥούʔ) • ࢓ࣄ • ը૾ೝࣝ/ݕࡧ/ͦΕΛ࢖ͬͨΞϓϦ • ػցֶशͷ͓ษڧͱ͔ॾʑͱ͔

  3. ࠓ೔ͷ಺༰ • SSLͬͯඞཁͰ͔͢ʙLet’s Encrypt • AutolayoutΛ࢖͍ͬͯΔ͕ɼԶ͸΋͏ݶք͔΋͠Εͳ͍

  4. SSLͬͯඞཁͰ͔͢ʁ Let’s EncryptͰ͍͍ͷ͔ɼѱ͍ͷ͔

  5. ໔੹ ͜ͷൃද಺༰͸ɼ٢ా༔ҰͷݸਓతͳݟղͰ͋Γɼ ॴଐ͢Δஂମ౳ͷެࣜతͳݟղͰ͸͋Γ·ͤΜɽ ·ͨຊൃද಺༰Λฉ͖ɼͦͷཧղʹج͍ͮͯͦͷຊਓ͕ ͱͬͨ೗ԿͳΔߦಈʹΑΔଛ֐౳ʹର͠ɼ੹೚Λෛ͍·ͤΜɽ Ҏ্ͷ͜ͱΛཧղͰ͖ͳ͍ਓɼ͋Δ͍͸ड͚ೖΕΒΕͳ͍ਓ ͸ຊൃදΛฉ͘͜ͱ͸͝ԕྀ͍ͩ͘͞ɽ

  6. None
  7. None

  8. എܠ • iOS9Ҏ߱ɼATSಋೖ͞ΕΔ • σϑΥϧτͰ͢΂ͯhttps௨৴ʹஔ͖׵͑ΒΕΔ • iOSͰ΋SSL͸جຊཁ݅ʹͳΓͭͭ͋Δ • ࣗ෼Ͱӡ༻͍ͯ͠ΔαʔόͷSSLରԠ •

    sonson.jp͸ɼgithub hostingҎ֎͸͢΂ͯSSL • 2tchͷόοΫΤϯυ΋৽͍͠όʔδϣϯ͸SSL • ͦΜͱ͖ʹ৭ʑษڧͨ͠ • ϝΠϯͷڵຯ͸RSA҉߸ͷ਺ֶͩͬͨΜ͕ͩ

  9. എܠ • ͖͔͚ͬ • LINE Bot API • LINE Bot

    API • SSL௨৴ඞਢ • Let’s Encryptͩͱ࢖͑ͳ͍ • AWS͔Β͸࢖͑Δ • SSLͷূ໌ॻ • Կͷҧ͍͕͋Δͷʁ • ҰମɼԿͷͨΊʹඞཁͳͷʁ

  10. SSLͷඞཁੑ • Wi-FiͷηΩϡϦςΟ໰୊ • httpsͰͳ͍ͱةݥ • DNSͷηΩϡϦςΟ໰୊ • ѱҙͷ͋ΔDNS໰୊ •

    ηΩϡΞͳDNS͕ͳ͔ͳ͔Ͱͯ͜ͳ͍ • httpͰDNS໊͚ͩͰ૬खΛ֬ೝ͢Δͷ͸ةݥ • DNSΫϥοΫʹΑΔͳΓ͢·͠໰୊

  11. ѱҙ͋ΔDNSͷڴҖ ΫϥΠΞϯτ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 1.1.1.1 bank.co.jp

  12. ѱҙ͋ΔDNSͷڴҖ ΫϥΠΞϯτ ͏ͦͬ͜ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 2.2.2.2

    bank.co.jp %/4ͷਖ਼౰ੑΛ νΣοΫ͢Δज़͕ͳ͍

  13. ҉߸௨৴ͷ3ཁ݅ • ൿಗ • ୭ʹ΋౪ΈݟΒΕͳ͍ • ׬શੑ • ୭ʹ΋վ᜵͞Εͳ͍ •

    ೝূ • ୭ʹ΋ͳΓ͢·͞Εͳ͍

  14. ࠓ೔ͷٕज़ͷݶք • ൿಗ • ૉҼ਺෼ղ͕࣮࣌ؒͰղ͔Εͳ͍ݶΓ҆શ • ׬શੑ • SHAͳͲͰ֬อͰ͖Δ •

    ೝূ • ࠓͷͱ͜Ζٕज़తʹղܾͰ͖͍ͯͳ͍

  15. ൿಗ • ެ։伴҉߸ํࣜ • RSA҉߸ • కΊΔ伴ɼ։͚Δ伴͕ҟͳΔ҉߸ํࣜ • 伴ͷ഑ૹ໰୊Λղܾͨ͠ʢ͍ͯ͠ΔʣͱݴΘΕΔ •

    ར༻͢Δ਺ֶ • ૉҼ਺෼ղ͕࣮࣌ؒͰܭࢉͰ͖ͳ͍ • ཭ࢄର਺͸࣮࣌ؒͰܭࢉͰ͖ͳ͍

  16. ׬શੑ • MD5, SHA • ͋Δσʔλͷϋογϡ஋Λ࡞Δ • MD5ͱαΠζͷখ͍͞SHA͸ةݥ • ϋογϡͷੑ࣭

    • σʔλΛೖΕΔͱϋογϡ஋͕ಘΒΕΔ • ೖྗ͕গ͠Ͱ΋มΘΔͱϋογϡ஋͸େ͖͘มΘΔ • σʔλΛվ᜵ͨ݁͠ՌʹରԠ͢Δϋογϡ஋Λ༧ଌ ͢Δ͜ͱ͸೉͍͠ • →ͭ·Γϋογϡ஋Λ֬ೝ͢Δͱվ᜵͞Ε͍ͯͳ͍ ͔Λ֬ೝͰ͖Δ

  17. ೝূ • ղܾ͢Δ਺ֶతͳ࢓૊Έ͸ະͩʹͳ͍

  18. ൿಗͱ׬શੑΛୡ੒ͯ͠΋ ૹ৴ऀ ड৴ऀ ҉߸Խσʔλ ൿಗ ҉߸Խ ׬શੑ վ᜵ෆՄ ड͚औΔ૬ख͕ ୭ͳͷ͔Θ͔Βͳ͍

    ߈ܸऀ

  19. ߈ܸྫ: man in the middle attack(MTM) ૹ৴ऀ தؒऀ ҉߸Խσʔλ ҉߸Խ

    վ᜵ෆՄ ۜߦ ҉߸Խσʔλ ೝূͷ࢓૊Έ͕ͳ͍ͱɼ୭ͱ௨৴͍ͯ͠Δ͔ͷ อূ͕ಘΒΕͳ͍

  20. ݱঢ়ͷରࡦʔSSLೝূہ • ೝূہ - Certificate Authority(CA)

  21. ݱঢ়ͷରࡦʔSSLೝূہ ΫϥΠΞϯτ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 1.1.1.1 bank.co.jp

    ೝূہ ূ໌ॻ ͦΕ͸ۜߦͷ ূ໌ॻͰ͢

  22. ݱঢ়ͷରࡦʔSSLೝূہ ΫϥΠΞϯτ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 2.2.2.2 bank.co.jp

    ೝূہ ূ໌ॻ ͦΕͩΕʁ

  23. OSXʹσϑΥϧτͰೖΔূ໌ॻ

  24. ΦϨΦϨূ໌͕μϝͳཧ༝ • man in the middle attack(MTM)ͷ㕒৯ • ͱ͸͍͑ɼMTM͘Βͬͯ΋͍͍ͬͯݴ͏ͳΒɼผ ʹΦϨΦϨূ໌ॻͰ΋Α͍ͱ͍͏͜ͱ

    • ΦϨΦϨূ໌ॻͰ͋ͬͯ΋ɼͦͷ૬खͱͷ௨৴ͷൿ ಗɼ׬શੑ͸อͨΕΔ

  25. ͳͥೝূ͕೉͍͠ͷ͔ • ʮ৴͡Δʯͱ͍͏͜ͱͷఆ͕ٛᐆດ͔ͩΒ

  26. ೝূہͷ৴༻ੑ https://www.jp.websecurity.symantec.com/repository/faq/class.html ৴༻ੑ͸ຊ౰ͷࣾձతͳ৴༻ੑΛಘΔͷͱ ಉ͡࢓૊ΈͰߏங͍ͯ͠Δ

  27. SSLূ໌ॻʹ͍ͭͯ • ೝূͷͨΊͷ࢓૊Έ • ҉߸Խͱ͔͸ɼࠜຊతʹ͸ؔ܎ͳ͍ • ࣮ࡍͷ࢓૊Έ্͋Δ͕ • ͏·͘ղܾ͢Δ޻ֶ/਺ֶతͳ࢓૊Έ͕ະͩͳ͍ •

    ೝূہɾূ໌ॻͷΫϥε • ೝূʹ͸͕͔͔ۚΔ • Let’s Encrypt΍StartSSLʹ͸৴པੑ͕଍Γͳ͍ • VerisignͳͲͷCLASS3͸৴པੑ͕ߴ͍ˠՁ֨΋ߴ͍

  28. Let’s Encrypt • ແྉͷSSLূ໌ॻ • ϝʔϧΞυϨεͷΈͷূ໌ • ࣗಈߋ৽ͷͨΊͷεΫϦϓτ΋഑෍͞Ε͍ͯΔ • https://github.com/certbot/certbot

    • ߋ৽ͷͨΊͷπʔϧ͕ͪΐͬͱલʹ͔Θͬͨ

  29. ࢓૊Έ • certbot͕Let’s Encryptͱ௨৴ͯ͠ূ໌ॻΛൃߦ • apacheͱnginx • ࣗಈͰূ໌ॻͷΠϯετʔϧ·Ͱ΍ΔΒ͍͠ • ಈ͔ͳ͍ͬͯBBSʹ͔͋ͬͨΒ࢖ͬͯͳ͍

    • webroot • ಛఆͷύεΛҰ࣌తʹ࢖͏ • letsencryptͷύεʹূ໌ॻ͕ίϐʔ͞ΕΔ • standalone • ಛఆͷϙʔτͰμΠϨΫτʹ௨৴͢ΔʢΒ͍͠ʣ • 80ͱ͔࢖͏ͷͰҰ࣌తʹαʔόΛด͡Δඞཁ͕͋Δ • manual • ڵຯͳ͍ͷͰݟͯͳ͍

  30. ͜Μ͚ͩͰΑ͍ ./letsencrypt-auto certonly --webroot \\ -w /var/www/example/ \\ -d www.example.com

  31. ৘ใ • ༗ޮظݶ • 90೔ • Let’s EncryptӡӦ͸60೔Ͱߋ৽͢Δ͜ͱΛਪ঑ • ੍ݶ

    • ͻͱͭͷIP͔ΒൃߦͰ͖ΔυϝΠϯ਺ • ͻͱͭͷIP͔ΒൃߦͰ͖Δূ໌ॻͷ਺ • ੍ݶ͸̓೔͘Β͍Ͱղআ͞ΕΔ • ೝূہͱͯ͠ • iOS/Windows/OSX౳ʹ͸৴༻͞Ε͍ͯΔ • ΫϥΠΞϯτʹΑͬͯ͸৴༻͍ͯ͠ͳ͍ͷͰཁ஫ҙ

  32. ࢀߟจݙ • ҉߸શൠ • ݁৓ߒ, ҉߸ٕज़ೖ໳ • RSA҉߸/ૉ਺पΓ • ϚʔΧεɾσϡɾιʔτΠ,ૉ਺ͷԻָ

    • ʴͦͷลͷେֶͷઌੜͷαΠτͳͲ

  33. AutolayoutΛ࢖͍ͬͯΔ͕ Զ͸΋͏ݶք͔΋͠Εͳ͍ GUIͷݶք

  34. ݱࡏ࡞ͬͯΔΞϓϦΛྫʹ

  35. Ϗϡʔͷ಺༁͸͜Μͳײ͡

  36. Έͳ͞ΜɼͲ͏΍ͬͯ࢖͍ͬͯ·͔͢ʁ • Storyboard • Storyboard + xib • ίʔυ

  37. Storyboard ͜ΜͳෳࡶͳϏϡʔΛGUI͔Β ࡞Δͱ͔ෆՄೳ 9999 +1001 3h sonson_twit imgur.com 11 images

    Just installed iOS 9.3 Beta without a developer account (iPhone 6S Plus), 3D Touch animation lag gone! Search Sketch 9:41 AM 100%

  38. Storyboard + xib ҙຯෆ໌ த਎͕Θ͔Βͳ͍

  39. ίʔυ ҙຯෆ໌ ͕ͩσβΠφ͕ ͍ͳ͍ͷͰͳΜͱ͔ͳΔ

  40. ίʔυ ҙຯෆ໌ ͕ͩσβΠφ͕ ͍ͳ͍ͷͰͳΜͱ͔ͳΔ Θ͚ͳ͍

  41. ͜͜Ͱɼٞ࿦͍ͨ͠ • AutolayoutɼࠓޙͲ͏͠·͔͢ʁ • Storyboard • Storyboard + xib •

    ίʔυ • Ή͠ΖɼAutolayout࢖Θͳ͍ • έʔε • ҰਓͰझຯͰॻ͘৔߹ • ਺ਓͷίʔσΟϯάɼن໛͸খ͍͞ • ҙঊ/UI/UXͷσβΠφ΋͍Δن໛ͷେ͖͍
  42. None

  43. ·ͱΊ • SSLʹ͍ͭͯͷ෮श • ऍᷟʹઆ๏Ͱ͢Έ·ͤΜ • ৴༻ʹ͸͓͕͔͔ۚΓ·͢ • SSL͕ԿͷͨΊʹඞཁ͔ɼৗʹߟ͑·͠ΐ͏ •

    Let’s Encryptͷ࢖͍ํʹ͍ͭͯ • Autolayout • ٧Μͩ