Upgrade to Pro — share decks privately, control downloads, hide ads and more …

SSLって必要ですか〜Let's Encryptを試してみよう

sonson
May 15, 2016
Programming
3
520

SSLって必要ですか〜Let's Encryptを試してみよう

SSLの必要性,Let's Encryptのちょっとした使い方について概観する.

sonson

May 15, 2016
Tweet

More Decks by sonson

See All by sonson
計算グラフのJITコンパイラをLLVM on C++で作ろう
sonsongithub
2
540
LLVMでHalideみたいな計算グラフ+JITを作りたい
sonsongithub
0
1.3k
LLVM Tutorial 02 - わいわいswiftc
sonsongithub
1
370
LLVM Tutorial - わいわいswiftc
sonsongithub
0
290
How to make and publish a Swift playground book for iPad
sonsongithub
5
19k
Swiftで実装するHTML特殊文字の高速処理
sonsongithub
3
7.6k
First step of 3D touch
sonsongithub
0
580
Getting started with 3D Touch
sonsongithub
0
670

Other Decks in Programming

See All in Programming
3 Effective Rules for Using Signals in Angular
manfredsteyer
PRO
0
110
TypeScript Graph でコードレビューの心理的障壁を乗り越える
ysk8hori
2
1.1k
카카오페이는 어떻게 수천만 결제를 처리할까? 우아한 결제 분산락 노하우
kakao
PRO
0
110
OnlineTestConf: Test Automation Friend or Foe
maaretp
0
110
現場で役立つモデリング 超入門
masuda220
PRO
15
3.2k
GitHub Actionsのキャッシュと手を挙げることの大切さとそれに必要なこと
satoshi256kbyte
5
430
LLM生成文章の精度評価自動化とプロンプトチューニングの効率化について
layerx
PRO
2
190
CSC509 Lecture 09
javiergs
PRO
0
140
PHP でアセンブリ言語のように書く技術
memory1994
PRO
1
170
as(型アサーション)を書く前にできること
marokanatani
9
2.6k
Hotwire or React? ~アフタートーク・本編に含めなかった話~ / Hotwire or React? after talk
harunatsujita
1
120
Streams APIとTCPフロー制御 / Web Streams API and TCP flow control
tasshi
2
350

Featured

See All Featured
Design and Strategy: How to Deal with People Who Don’t "Get" Design
morganepeng
126
18k
Agile that works and the tools we love
rasmusluckow
327
21k
Let's Do A Bunch of Simple Stuff to Make Websites Faster
chriscoyier
506
140k
Building Adaptive Systems
keathley
38
2.3k
Writing Fast Ruby
sferik
627
61k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
364
24k
YesSQL, Process and Tooling at Scale
rocio
169
14k
The Psychology of Web Performance [Beyond Tellerrand 2023]
tammyeverts
44
2.2k
How STYLIGHT went responsive
nonsquared
95
5.2k
Measuring & Analyzing Core Web Vitals
bluesmoon
4
120
Making the Leap to Tech Lead
cromwellryan
133
8.9k
Designing for humans not robots
tammielis
250
25k

Transcript

  1. ஌͍ͬͯΔਓ͸ίʔυॻ͍͍ͯͯͩ͘͞ Tech. Yuichi Yoshida Researcher, DENSO IT Laboratory, Inc. #yidev

    @sonson_twit © 2014 DENSO IT Laboratory, Inc., All rights reserved. Redistribution or public display not permitted without written permission from DENSO IT Laboratory, Inc. Let’s Encrypt~SSL~Autolayout

  2. ࣗݾ঺հ • sonson • twitter: sonson_twit • github: sonsongithub •

    portfolio • reddift(SwiftͰॻ͍ͨreddit.comͷAPIϥούʔ) • ࢓ࣄ • ը૾ೝࣝ/ݕࡧ/ͦΕΛ࢖ͬͨΞϓϦ • ػցֶशͷ͓ษڧͱ͔ॾʑͱ͔

  3. ࠓ೔ͷ಺༰ • SSLͬͯඞཁͰ͔͢ʙLet’s Encrypt • AutolayoutΛ࢖͍ͬͯΔ͕ɼԶ͸΋͏ݶք͔΋͠Εͳ͍

  4. SSLͬͯඞཁͰ͔͢ʁ Let’s EncryptͰ͍͍ͷ͔ɼѱ͍ͷ͔

  5. ໔੹ ͜ͷൃද಺༰͸ɼ٢ా༔ҰͷݸਓతͳݟղͰ͋Γɼ ॴଐ͢Δஂମ౳ͷެࣜతͳݟղͰ͸͋Γ·ͤΜɽ ·ͨຊൃද಺༰Λฉ͖ɼͦͷཧղʹج͍ͮͯͦͷຊਓ͕ ͱͬͨ೗ԿͳΔߦಈʹΑΔଛ֐౳ʹର͠ɼ੹೚Λෛ͍·ͤΜɽ Ҏ্ͷ͜ͱΛཧղͰ͖ͳ͍ਓɼ͋Δ͍͸ड͚ೖΕΒΕͳ͍ਓ ͸ຊൃදΛฉ͘͜ͱ͸͝ԕྀ͍ͩ͘͞ɽ

  6. None
  7. None

  8. എܠ • iOS9Ҏ߱ɼATSಋೖ͞ΕΔ • σϑΥϧτͰ͢΂ͯhttps௨৴ʹஔ͖׵͑ΒΕΔ • iOSͰ΋SSL͸جຊཁ݅ʹͳΓͭͭ͋Δ • ࣗ෼Ͱӡ༻͍ͯ͠ΔαʔόͷSSLରԠ •

    sonson.jp͸ɼgithub hostingҎ֎͸͢΂ͯSSL • 2tchͷόοΫΤϯυ΋৽͍͠όʔδϣϯ͸SSL • ͦΜͱ͖ʹ৭ʑษڧͨ͠ • ϝΠϯͷڵຯ͸RSA҉߸ͷ਺ֶͩͬͨΜ͕ͩ

  9. എܠ • ͖͔͚ͬ • LINE Bot API • LINE Bot

    API • SSL௨৴ඞਢ • Let’s Encryptͩͱ࢖͑ͳ͍ • AWS͔Β͸࢖͑Δ • SSLͷূ໌ॻ • Կͷҧ͍͕͋Δͷʁ • ҰମɼԿͷͨΊʹඞཁͳͷʁ

  10. SSLͷඞཁੑ • Wi-FiͷηΩϡϦςΟ໰୊ • httpsͰͳ͍ͱةݥ • DNSͷηΩϡϦςΟ໰୊ • ѱҙͷ͋ΔDNS໰୊ •

    ηΩϡΞͳDNS͕ͳ͔ͳ͔Ͱͯ͜ͳ͍ • httpͰDNS໊͚ͩͰ૬खΛ֬ೝ͢Δͷ͸ةݥ • DNSΫϥοΫʹΑΔͳΓ͢·͠໰୊

  11. ѱҙ͋ΔDNSͷڴҖ ΫϥΠΞϯτ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 1.1.1.1 bank.co.jp

  12. ѱҙ͋ΔDNSͷڴҖ ΫϥΠΞϯτ ͏ͦͬ͜ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 2.2.2.2

    bank.co.jp %/4ͷਖ਼౰ੑΛ νΣοΫ͢Δज़͕ͳ͍

  13. ҉߸௨৴ͷ3ཁ݅ • ൿಗ • ୭ʹ΋౪ΈݟΒΕͳ͍ • ׬શੑ • ୭ʹ΋վ᜵͞Εͳ͍ •

    ೝূ • ୭ʹ΋ͳΓ͢·͞Εͳ͍

  14. ࠓ೔ͷٕज़ͷݶք • ൿಗ • ૉҼ਺෼ղ͕࣮࣌ؒͰղ͔Εͳ͍ݶΓ҆શ • ׬શੑ • SHAͳͲͰ֬อͰ͖Δ •

    ೝূ • ࠓͷͱ͜Ζٕज़తʹղܾͰ͖͍ͯͳ͍

  15. ൿಗ • ެ։伴҉߸ํࣜ • RSA҉߸ • కΊΔ伴ɼ։͚Δ伴͕ҟͳΔ҉߸ํࣜ • 伴ͷ഑ૹ໰୊Λղܾͨ͠ʢ͍ͯ͠ΔʣͱݴΘΕΔ •

    ར༻͢Δ਺ֶ • ૉҼ਺෼ղ͕࣮࣌ؒͰܭࢉͰ͖ͳ͍ • ཭ࢄର਺͸࣮࣌ؒͰܭࢉͰ͖ͳ͍

  16. ׬શੑ • MD5, SHA • ͋Δσʔλͷϋογϡ஋Λ࡞Δ • MD5ͱαΠζͷখ͍͞SHA͸ةݥ • ϋογϡͷੑ࣭

    • σʔλΛೖΕΔͱϋογϡ஋͕ಘΒΕΔ • ೖྗ͕গ͠Ͱ΋มΘΔͱϋογϡ஋͸େ͖͘มΘΔ • σʔλΛվ᜵ͨ݁͠ՌʹରԠ͢Δϋογϡ஋Λ༧ଌ ͢Δ͜ͱ͸೉͍͠ • →ͭ·Γϋογϡ஋Λ֬ೝ͢Δͱվ᜵͞Ε͍ͯͳ͍ ͔Λ֬ೝͰ͖Δ

  17. ೝূ • ղܾ͢Δ਺ֶతͳ࢓૊Έ͸ະͩʹͳ͍

  18. ൿಗͱ׬શੑΛୡ੒ͯ͠΋ ૹ৴ऀ ड৴ऀ ҉߸Խσʔλ ൿಗ ҉߸Խ ׬શੑ վ᜵ෆՄ ड͚औΔ૬ख͕ ୭ͳͷ͔Θ͔Βͳ͍

    ߈ܸऀ

  19. ߈ܸྫ: man in the middle attack(MTM) ૹ৴ऀ தؒऀ ҉߸Խσʔλ ҉߸Խ

    վ᜵ෆՄ ۜߦ ҉߸Խσʔλ ೝূͷ࢓૊Έ͕ͳ͍ͱɼ୭ͱ௨৴͍ͯ͠Δ͔ͷ อূ͕ಘΒΕͳ͍

  20. ݱঢ়ͷରࡦʔSSLೝূہ • ೝূہ - Certificate Authority(CA)

  21. ݱঢ়ͷରࡦʔSSLೝূہ ΫϥΠΞϯτ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 1.1.1.1 bank.co.jp

    ೝূہ ূ໌ॻ ͦΕ͸ۜߦͷ ূ໌ॻͰ͢

  22. ݱঢ়ͷରࡦʔSSLೝূہ ΫϥΠΞϯτ %/4 ۜߦ *1 χηۜߦ *1 bank.co.jp 2.2.2.2 bank.co.jp

    ೝূہ ূ໌ॻ ͦΕͩΕʁ

  23. OSXʹσϑΥϧτͰೖΔূ໌ॻ

  24. ΦϨΦϨূ໌͕μϝͳཧ༝ • man in the middle attack(MTM)ͷ㕒৯ • ͱ͸͍͑ɼMTM͘Βͬͯ΋͍͍ͬͯݴ͏ͳΒɼผ ʹΦϨΦϨূ໌ॻͰ΋Α͍ͱ͍͏͜ͱ

    • ΦϨΦϨূ໌ॻͰ͋ͬͯ΋ɼͦͷ૬खͱͷ௨৴ͷൿ ಗɼ׬શੑ͸อͨΕΔ

  25. ͳͥೝূ͕೉͍͠ͷ͔ • ʮ৴͡Δʯͱ͍͏͜ͱͷఆ͕ٛᐆດ͔ͩΒ

  26. ೝূہͷ৴༻ੑ https://www.jp.websecurity.symantec.com/repository/faq/class.html ৴༻ੑ͸ຊ౰ͷࣾձతͳ৴༻ੑΛಘΔͷͱ ಉ͡࢓૊ΈͰߏங͍ͯ͠Δ

  27. SSLূ໌ॻʹ͍ͭͯ • ೝূͷͨΊͷ࢓૊Έ • ҉߸Խͱ͔͸ɼࠜຊతʹ͸ؔ܎ͳ͍ • ࣮ࡍͷ࢓૊Έ্͋Δ͕ • ͏·͘ղܾ͢Δ޻ֶ/਺ֶతͳ࢓૊Έ͕ະͩͳ͍ •

    ೝূہɾূ໌ॻͷΫϥε • ೝূʹ͸͕͔͔ۚΔ • Let’s Encrypt΍StartSSLʹ͸৴པੑ͕଍Γͳ͍ • VerisignͳͲͷCLASS3͸৴པੑ͕ߴ͍ˠՁ֨΋ߴ͍

  28. Let’s Encrypt • ແྉͷSSLূ໌ॻ • ϝʔϧΞυϨεͷΈͷূ໌ • ࣗಈߋ৽ͷͨΊͷεΫϦϓτ΋഑෍͞Ε͍ͯΔ • https://github.com/certbot/certbot

    • ߋ৽ͷͨΊͷπʔϧ͕ͪΐͬͱલʹ͔Θͬͨ

  29. ࢓૊Έ • certbot͕Let’s Encryptͱ௨৴ͯ͠ূ໌ॻΛൃߦ • apacheͱnginx • ࣗಈͰূ໌ॻͷΠϯετʔϧ·Ͱ΍ΔΒ͍͠ • ಈ͔ͳ͍ͬͯBBSʹ͔͋ͬͨΒ࢖ͬͯͳ͍

    • webroot • ಛఆͷύεΛҰ࣌తʹ࢖͏ • letsencryptͷύεʹূ໌ॻ͕ίϐʔ͞ΕΔ • standalone • ಛఆͷϙʔτͰμΠϨΫτʹ௨৴͢ΔʢΒ͍͠ʣ • 80ͱ͔࢖͏ͷͰҰ࣌తʹαʔόΛด͡Δඞཁ͕͋Δ • manual • ڵຯͳ͍ͷͰݟͯͳ͍

  30. ͜Μ͚ͩͰΑ͍ ./letsencrypt-auto certonly --webroot \\ -w /var/www/example/ \\ -d www.example.com

  31. ৘ใ • ༗ޮظݶ • 90೔ • Let’s EncryptӡӦ͸60೔Ͱߋ৽͢Δ͜ͱΛਪ঑ • ੍ݶ

    • ͻͱͭͷIP͔ΒൃߦͰ͖ΔυϝΠϯ਺ • ͻͱͭͷIP͔ΒൃߦͰ͖Δূ໌ॻͷ਺ • ੍ݶ͸̓೔͘Β͍Ͱղআ͞ΕΔ • ೝূہͱͯ͠ • iOS/Windows/OSX౳ʹ͸৴༻͞Ε͍ͯΔ • ΫϥΠΞϯτʹΑͬͯ͸৴༻͍ͯ͠ͳ͍ͷͰཁ஫ҙ

  32. ࢀߟจݙ • ҉߸શൠ • ݁৓ߒ, ҉߸ٕज़ೖ໳ • RSA҉߸/ૉ਺पΓ • ϚʔΧεɾσϡɾιʔτΠ,ૉ਺ͷԻָ

    • ʴͦͷลͷେֶͷઌੜͷαΠτͳͲ

  33. AutolayoutΛ࢖͍ͬͯΔ͕ Զ͸΋͏ݶք͔΋͠Εͳ͍ GUIͷݶք

  34. ݱࡏ࡞ͬͯΔΞϓϦΛྫʹ

  35. Ϗϡʔͷ಺༁͸͜Μͳײ͡

  36. Έͳ͞ΜɼͲ͏΍ͬͯ࢖͍ͬͯ·͔͢ʁ • Storyboard • Storyboard + xib • ίʔυ

  37. Storyboard ͜ΜͳෳࡶͳϏϡʔΛGUI͔Β ࡞Δͱ͔ෆՄೳ 9999 +1001 3h sonson_twit imgur.com 11 images

    Just installed iOS 9.3 Beta without a developer account (iPhone 6S Plus), 3D Touch animation lag gone! Search Sketch 9:41 AM 100%

  38. Storyboard + xib ҙຯෆ໌ த਎͕Θ͔Βͳ͍

  39. ίʔυ ҙຯෆ໌ ͕ͩσβΠφ͕ ͍ͳ͍ͷͰͳΜͱ͔ͳΔ

  40. ίʔυ ҙຯෆ໌ ͕ͩσβΠφ͕ ͍ͳ͍ͷͰͳΜͱ͔ͳΔ Θ͚ͳ͍

  41. ͜͜Ͱɼٞ࿦͍ͨ͠ • AutolayoutɼࠓޙͲ͏͠·͔͢ʁ • Storyboard • Storyboard + xib •

    ίʔυ • Ή͠ΖɼAutolayout࢖Θͳ͍ • έʔε • ҰਓͰझຯͰॻ͘৔߹ • ਺ਓͷίʔσΟϯάɼن໛͸খ͍͞ • ҙঊ/UI/UXͷσβΠφ΋͍Δن໛ͷେ͖͍
  42. None

  43. ·ͱΊ • SSLʹ͍ͭͯͷ෮श • ऍᷟʹઆ๏Ͱ͢Έ·ͤΜ • ৴༻ʹ͸͓͕͔͔ۚΓ·͢ • SSL͕ԿͷͨΊʹඞཁ͔ɼৗʹߟ͑·͠ΐ͏ •

    Let’s Encryptͷ࢖͍ํʹ͍ͭͯ • Autolayout • ٧Μͩ