{"id":838,"date":"2017-09-07T10:43:05","date_gmt":"2017-09-07T01:43:05","guid":{"rendered":"http:\/\/gomocool.net\/gomokulog\/?p=838"},"modified":"2017-10-04T12:51:45","modified_gmt":"2017-10-04T03:51:45","slug":"lets-encrypt","status":"publish","type":"post","link":"https:\/\/gomokulog.gomocool.net\/?p=838","title":{"rendered":"\u3056\u3063\u304f\u308a Let’s Encrypt !!"},"content":{"rendered":"

Let’s Encrypt \u3068\u306f\u306a\u3093\u305e\u3084\u3002<\/p>\n

\u7121\u6599\u306e\u8a3c\u660e\u66f8\u3092\u4f7f\u3063\u3066\u3001https\u306b\u3059\u308b\u3082\u306e\u3067\u3042\u308b\u3002<\/p>\n

\u3061\u3087\u3063\u3068\u8abf\u3079\u305f\u3089\u3001Let’s Encrypt \u3067\u8a3c\u660e\u66f8\u3092\u53d6\u5f97\u3059\u308b\u65b9\u6cd5\u304c\u60f3\u50cf\u4ee5\u4e0a\u306b\u7c21\u5358\u3060\u3063\u305f\u306e\u3067\u304a\u52e7\u3081\u3059\u308b\u3002<\/p>\n

\u4ee5\u4e0b\u306f\u3001CentOS6.9 + Apache \u306b\u8a3c\u660e\u66f8\u3092\u5c0e\u5165\u3059\u308b\u65b9\u6cd5\u3092\u3056\u3063\u304f\u308a\u3068\u8a18\u8f09\u3059\u308b\u3002<\/p>\n

\u5c0e\u5165<\/h2>\n

epel\u306e\u30ea\u30dd\u30b8\u30c8\u30ea\u3092\u8ffd\u52a0<\/p>\n

# yum install epel-release<\/pre>\n
\u30d1\u30c3\u30b1\u30fc\u30b8\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3059\u308b\u5834\u6240\u306b\u30ab\u30ec\u30f3\u30c8\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u3092\u79fb\u52d5\u3002\u81ea\u5206\u306froot\u306e\u30db\u30fc\u30e0\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306b\u3057\u305f\u3002<\/p>\n
# cd ~<\/pre>\n
wget\u30b3\u30de\u30f3\u30c9\u3067\u30d1\u30c3\u30b1\u30fc\u30b8\u3092\u843d\u3068\u3057\u3066\u304f\u308b\u3002<\/p>\n
# wget https:\/\/dl.eff.org\/certbot-auto<\/pre>\n
\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306e\u6a29\u9650\u3092\u5909\u66f4<\/p>\n
# chmod a+x certbot-auto<\/pre>\n
certbot-auto\u3092\u5b9f\u884c\u3059\u308b\u3002\u3053\u308c\u3088\u308a\u5bfe\u8a71\u7684\u306b\u8a3c\u660e\u66f8\u306e\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u304c\u958b\u59cb\u3055\u308c\u308b\u3002<\/p>\n
# .\/certbot-auto<\/pre>\n
\u9014\u4e2d\u3067yes no \u805e\u304b\u308c\u308b\u306e\u3067\u3001y\u3068\u7b54\u3048\u308b\u3002<\/p>\n
\u7dcf\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u5bb9\u91cf\uff1a49M\r\n\u3053\u308c\u3067\u3044\u3044\u3067\u3059\u304b\uff1f[y\/N]\r\n<\/pre>\n
\u306a\u3093\u304b\u30a8\u30e9\u30fc (CentOS6\u306e\u5834\u5408\u306f\u3067\u308b\u53ef\u80fd\u6027\u5927\u306e\u6a21\u69d8)<\/p>\n
# .\/certbot-auto: line 530: virtualenv: \u30b3\u30de\u30f3\u30c9\u304c\u898b\u3064\u304b\u308a\u307e\u305b\u3093<\/pre>\n
\u89e3\u6c7a\u7b56\u3067\u3001Python\u5165\u308c\u308d\u3068\u306e\u3053\u3068\u3002<\/p>\n
# yum install centos-release-scl<\/pre>\n
Python27\u3092\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb<\/p>\n
# yum install python27 python27-python-tools<\/pre>\n
Python27\u3092root\u6a29\u9650\u3067\u4e00\u6642\u7684\u4f7f\u3046\u3088\u3046\u306b\u3059\u308b\u3002<\/p>\n
scl enable python27 bash<\/pre>\n
\u518d\u5ea6\u3001certbot-auto\u5b9f\u884c<\/p>\n
# .\/certbot-auto<\/pre>\n
Email\u306e\u5165\u529b\u3092\u50ac\u4fc3\u3055\u308c\u308b\u306e\u3067\u9069\u5f53\u306b\u5165\u529b<\/p>\n
Enter email address (used for urgent renewal and security notices) (Enter 'c' to\r\ncancel):<\/pre>\n
\u898f\u7d04\u306b\u540c\u610f\u3059\u308b\u304b\u3069\u3046\u304b\u3092\u805e\u304b\u308c\u308b<\/p>\n
-------------------------------------------------------------------------------\r\nPlease read the Terms of Service at\r\nhttps:\/\/letsencrypt.org\/documents\/LE-SA-v1.1.1-August-1-2016.pdf. You must agree\r\nin order to register with the ACME server at\r\nhttps:\/\/acme-v01.api.letsencrypt.org\/directory\r\n-------------------------------------------------------------------------------<\/pre>\n
emai\u306b\u4f55\u304b\u9001\u3063\u3066\u3082\u3044\u3044\u304b\uff5e\uff1f\u7684\u306a<\/p>\n
-------------------------------------------------------------------------------\r\nWould you be willing to share your email address with the Electronic Frontier\r\nFoundation, a founding partner of the Let's Encrypt project and the non-profit\r\norganization that develops Certbot? We'd like to send you email about EFF and\r\nour work to encrypt the web, protect its users and defend digital rights.\r\n-------------------------------------------------------------------------------<\/pre>\n
virtulhost\u306e\u5834\u5408\u3001\u3069\u306e\u30c9\u30e1\u30a4\u30f3\u306b\u5272\u308a\u5f53\u3066\u308b\u304b\u805e\u304b\u308c\u308b\u306e\u3067\u8a72\u5f53\u306e\u6570\u3092\u5165\u308c\u308b\u3002
\n\u3061\u306a\u307f\u306b\u3001virtualhost\u3067\u306a\u3044\u5834\u5408\u306f\u3001\u30c9\u30e1\u30a4\u30f3\u76f4\u63a5\u5165\u529b\u3057\u3066\uff5e\u7684\u306a\u753b\u9762\u304c\u51fa\u308b\u3002<\/p>\n
Which names would you like to activate HTTPS for?\r\n-------------------------------------------------------------------------------\r\n1: gomocool.net\r\n2: gomokulog.gomocool.net\r\n3: xxxxxx\r\n-------------------------------------------------------------------------------<\/pre>\n
HTTP\u306b\u6765\u305f\u3089HTTPS\u306b\u30a2\u30af\u30bb\u30b9\u3092\u30ea\u30c0\u30a4\u30ec\u30af\u30c8\u3059\u308b\u304b\u3002<\/p>\n
-------------------------------------------------------------------------------\r\n1: No redirect - Make no further changes to the webserver configuration.\r\n2: Redirect - Make all requests redirect to secure HTTPS access. Choose this for\r\nnew sites, or if you're confident your site works on HTTPS. You can undo this\r\nchange by editing your web server's configuration.\r\n-------------------------------------------------------------------------------<\/pre>\n
\u4ee5\u4e0b\u304c\u3067\u305f\u3089\u6210\u529f<\/p>\n
-------------------------------------------------------------------------------\r\nCongratulations! You have successfully enabled https:\/\/toretomo.gomokuro.net\r\n\r\nYou should test your configuration at:\r\nhttps:\/\/www.ssllabs.com\/ssltest\/analyze.html?d=toretomo.gomokuro.net\r\n-------------------------------------------------------------------------------\r\n<\/pre>\n
\u66f4\u65b0<\/h2>\n
\u3061\u306a\u307f\u306b\u30013\u304b\u6708\u3067\u671f\u9650\u306f\u5207\u308c\u308b\u3002<\/p>\n
cron\u3067.\/certbot-auto renew<\/span>\u00a0\u3092\u8a2d\u5b9a\u3059\u308c\u3070\u3001\u671f\u9650\u304c\u5207\u308c\u305d\u3046\u306a\u3082\u306e\u3060\u3051\u52dd\u624b\u306b\u66f4\u65b0\u3059\u308b\u3002<\/p>\n
 <\/p>\n
\u307e\u3068\u3081<\/h2>\n
\u4f55\u304b\u8272\u3005\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3055\u308c\u3066\u3054\u306b\u3087\u3054\u306b\u3087\u3055\u308c\u3066\u3044\u308b\u306e\u3067\u3001\u672c\u756a\u30b5\u30a4\u30c8\u3067\u4f7f\u3046\u306e\u306f\u3061\u3087\u3063\u3068\u6016\u3044\u304c\u3001\u30b9\u30c6\u30fc\u30b8\u30f3\u30b0\u30b5\u30a4\u30c8\u306b\u308f\u3056\u308f\u3056\u8a3c\u660e\u66f8\u5165\u308c\u308b\u306e\u52ff\u4f53\u306a\u3044\u3068\u304b\u3001\u304a\u554f\u3044\u5408\u308f\u305b\u7a0b\u5ea6\u306e\u30d5\u30a9\u30fc\u30e0\u3057\u304b\u306a\u3044\u30b5\u30a4\u30c8\u3050\u3089\u3044\u306b\u8a3c\u660e\u66f8\u3092\u308f\u3056\u308f\u3056\u8cfc\u5165\u3059\u308b\u3082\u306e\u52ff\u4f53\u306a\u3044\u3068\u3044\u3046\u5834\u5408\u306b\u306f\u6700\u9ad8\u304b\u3082\u3002<\/p>\n
 <\/p>\n
\u53c2\u8003<\/h2>\n
https:\/\/letsencrypt.jp\/<\/p>\n","protected":false},"excerpt":{"rendered":"
Let’s Encrypt \u3068\u306f\u306a\u3093\u305e\u3084\u3002 \u7121\u6599\u306e\u8a3c\u660e\u66f8\u3092\u4f7f\u3063\u3066\u3001https\u306b\u3059\u308b\u3082\u306e\u3067\u3042\u308b\u3002 \u3061\u3087\u3063\u3068\u8abf\u3079\u305f\u3089\u3001Let’s Encrypt \u3067\u8a3c\u660e\u66f8\u3092\u53d6\u5f97\u3059\u308b\u65b9\u6cd5\u304c\u60f3\u50cf\u4ee5\u4e0a\u306b\u7c21\u5358\u3060\u3063\u305f\u306e\u3067\u304a\u52e7\u3081…  more →<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[71,70],"class_list":["post-838","post","type-post","status-publish","format-standard","hentry","category-server","tag-ssl","tag-70"],"_links":{"self":[{"href":"https:\/\/gomokulog.gomocool.net\/index.php?rest_route=\/wp\/v2\/posts\/838","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/gomokulog.gomocool.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/gomokulog.gomocool.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/gomokulog.gomocool.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/gomokulog.gomocool.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=838"}],"version-history":[{"count":4,"href":"https:\/\/gomokulog.gomocool.net\/index.php?rest_route=\/wp\/v2\/posts\/838\/revisions"}],"predecessor-version":[{"id":848,"href":"https:\/\/gomokulog.gomocool.net\/index.php?rest_route=\/wp\/v2\/posts\/838\/revisions\/848"}],"wp:attachment":[{"href":"https:\/\/gomokulog.gomocool.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=838"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/gomokulog.gomocool.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=838"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/gomokulog.gomocool.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=838"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}