{"id":511,"date":"2016-07-05T20:12:31","date_gmt":"2016-07-05T11:12:31","guid":{"rendered":"https:\/\/dukehide.dip.jp\/wordpress\/com\/?p=511"},"modified":"2018-02-13T23:53:52","modified_gmt":"2018-02-13T14:53:52","slug":"lets-encrypt-install","status":"publish","type":"post","link":"https:\/\/dukehide.com\/pc\/lets-encrypt-install\/","title":{"rendered":"Let's Encrypt\u30a4\u30f3\u30b9\u30c8\u30fc\u30eb\u3068\u8a2d\u5b9a"},"content":{"rendered":"<p>\u4eca\u307e\u3067\u306f\u81ea\u524d\u306eSSL\/TLS\u8a3c\u660e\u66f8\u3092\u5229\u7528\u3057\u3066HTTPS\u901a\u4fe1\u3092\u884c\u3063\u3066\u3044\u307e\u3057\u305f\u304c\u30014\u6708\u306b\u6b63\u5f0f\u30b5\u30fc\u30d3\u30b9\u958b\u59cb\u3068\u306a\u3063\u305f<a href=\"https:\/\/letsencrypt.org\/\" target=\"_blank\" rel=\"noopener noreferrer\">Let's Encrypt<\/a>\u306b\u5207\u308a\u66ff\u3048\u307e\u3057\u305f\u3002<!--more--><br \/>\n\u203b\u53c2\u8003 : <a href=\"https:\/\/centossrv.com\/apache-certbot.shtml\" target=\"_blank\" rel=\"noopener noreferrer\">Web\u30b5\u30fc\u30d0\u30fc\u9593\u901a\u4fe1\u5185\u5bb9\u6697\u53f7\u5316(Apache+mod_SSL+Certbot)<\/a><\/p>\n<div class=\"terminal\">\n# cd \/usr\/local\/<br \/>\n# git clone https:\/\/github.com\/certbot\/certbot<br \/>\n# \/usr\/local\/certbot\/certbot-auto -n<br \/>\n# \/usr\/local\/certbot\/certbot-auto certonly --webroot -w \/var\/www\/html\/ -m &#109;&#97;&#105;&#108;&#97;&#100;&#100;&#114;&#101;&#115;&#115;&#64;&#100;&#117;&#107;&#101;&#104;&#105;&#100;&#101;&#46;&#100;&#105;&#112;&#46;&#106;&#112; -d dukehide.dip.jp --agree-tos<br \/>\n<br \/>\nIMPORTANT NOTES:<br \/>\n - Congratulations! Your certificate and chain have been saved at<br \/>\n   \/etc\/letsencrypt\/live\/dukehide.dip.jp\/fullchain.pem. Your cert will<br \/>\n   expire on 2016-10-03. To obtain a new or tweaked version of this<br \/>\n   certificate in the future, simply run certbot-auto again. To<br \/>\n   non-interactively renew *all* of your certificates, run<br \/>\n   \"certbot-auto renew\"<br \/>\n - If you like Certbot, please consider supporting our work by:<br \/>\n<br \/>\n   Donating to ISRG \/ Let's Encrypt:   https:\/\/letsencrypt.org\/donate<br \/>\n   Donating to EFF:                    https:\/\/eff.org\/donate-le\n<\/div>\n<p><\/p>\n<p>\u6307\u5b9a\u3057\u305f \/var\/www\/html\/ \u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306b\u78ba\u8a8d\u7528\u306e\u300c.well-known\u300d\u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u304c\u4f5c\u6210\u3055\u308c\u3001\u304b\u3064 \/etc\/letsencrypt\/ \u30c7\u30a3\u30ec\u30af\u30c8\u30ea\u306b\u9375\u304c\u4f5c\u6210\u3055\u308c\u3066\u3044\u305f\u3089OK\u3067\u3059\u3002<\/p>\n<p>\u7d9a\u3044\u3066ssl.conf\u3067\u81ea\u524d\u306e\u9375\u3092\u6307\u5b9a\u3057\u3066\u3044\u308b\u6587\u5b57\u5217\u90e8\u5206\u3092Let's Encrypt\u306e\u9375\u306b\u66f8\u304d\u63db\u3048\u307e\u3059\u3002<\/p>\n<div class=\"ex-memo\">\n<strong>\/etc\/httpd\/conf.d\/ssl.conf<\/strong><br \/>\n#\u516c\u958b\u9375\u6307\u5b9a<br \/>\nSSLCertificateFile \/etc\/letsencrypt\/live\/dukehide.dip.jp\/cert.pem<br \/>\n<br \/>\n#\u79d8\u5bc6\u9375\u6307\u5b9a<br \/>\nSSLCertificateKeyFile \/etc\/letsencrypt\/live\/dukehide.dip.jp\/privkey.pem<br \/>\n<br \/>\n#\u4e2d\u9593\u8a3c\u660e\u66f8\u6307\u5b9a<br \/>\nSSLCertificateChainFile \/etc\/letsencrypt\/live\/dukehide.dip.jp\/chain.pem<br \/>\n<br \/>\n#TLSv1.2\u4ee5\u5916\u7121\u52b9\u5316<br \/>\nSSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1<br \/>\n#\u4f7f\u7528\u3059\u308b\u6697\u53f7\u5316\u65b9\u6cd5<br \/>\nSSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK<br \/>\n#\u6697\u53f7\u5316\u65b9\u6cd5\u3092\u30b5\u30fc\u30d0\u30fc\u5074\u3067\u6c7a\u5b9a<br \/>\nSSLHonorCipherOrder on<br \/>\n#HSTS=\u5e38\u6642HTTPS\u30a2\u30af\u30bb\u30b9\u306e\u6709\u52b9\u5316<br \/>\nHeader always set Strict-Transport-Security \"max-age=15768000\"\n<\/div>\n<p><\/p>\n<p>\u8a66\u3057\u306bTLSv1\u3068TLSv1.1\u3082\u7121\u52b9\u306b\u3057\u3066\u307f\u307e\u3057\u305f\u3002\u6697\u53f7\u5316\u65b9\u6cd5\u3082\u5c11\u3057\u62e1\u5f35\u3057\u3066\u307f\u307e\u3057\u305f\u304c\u3001\u30b5\u30fc\u30d0\u30fc\u306b\u3068\u3063\u3066\u306f\u3069\u308c\u3060\u3051\u306e\u8ca0\u8377\u306b\u306a\u308b\u304b\u306f\u4e0d\u660e\u3067\u3059\u3002<br \/>\nApache\u3092\u518d\u8d77\u52d5\u3057\u3001\u30d6\u30e9\u30a6\u30b6\u304b\u3089\u201chttps:\/\/\u201d\u3067\u63a5\u7d9a\u3057\u3066\u307f\u3066\u8b66\u544a\u304c\u51fa\u306a\u3044\u3053\u3068\u3092\u78ba\u8a8d\u3002\u7121\u6599\u3067HTTPS\u901a\u4fe1\u3092\u53ef\u80fd\u306b\u3057\u3066\u304f\u308c\u308b\u306e\u3067\u3059\u304b\u3089\u672c\u5f53\u306b\u3042\u308a\u304c\u305f\u3044\u3082\u306e\u3067\u3059\u3002<\/p>\n<p>\u306a\u304a\u3001Let's Encrypt\u306e\u30b5\u30fc\u30d0\u30fc\u8a3c\u660e\u66f8\u306e\u6709\u52b9\u671f\u9593\u306f3\u30f6\u6708\u306a\u306e\u3067\u3001cron\u306b\u3066\u30b5\u30fc\u30d0\u30fc\u8a3c\u660e\u66f8\u3092\u66f4\u65b0\u3067\u304d\u308b\u3088\u3046\u306b\u3059\u308b\u30b9\u30af\u30ea\u30d7\u30c8\u3082\u8ffd\u52a0\u3057\u3066\u304a\u304d\u307e\u3057\u305f\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u4eca\u307e\u3067\u306f\u81ea\u524d\u306eSSL\/TLS\u8a3c\u660e\u66f8\u3092\u5229\u7528\u3057\u3066HTTPS\u901a\u4fe1\u3092\u884c\u3063\u3066\u3044\u307e\u3057\u305f\u304c\u30014\u6708\u306b\u6b63\u5f0f\u30b5\u30fc\u30d3\u30b9\u958b\u59cb\u3068\u306a\u3063\u305fLet's Encrypt\u306b\u5207\u308a\u66ff\u3048\u307e\u3057\u305f\u3002<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"footnotes":"","_jetpack_memberships_contains_paid_content":false,"vkexunit_cta_each_option":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","enabled":false},"version":2}},"categories":[112,3],"tags":[28,107],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p9iVw6-8f","jetpack_likes_enabled":true,"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/dukehide.com\/pc\/wp-json\/wp\/v2\/posts\/511"}],"collection":[{"href":"https:\/\/dukehide.com\/pc\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/dukehide.com\/pc\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/dukehide.com\/pc\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/dukehide.com\/pc\/wp-json\/wp\/v2\/comments?post=511"}],"version-history":[{"count":0,"href":"https:\/\/dukehide.com\/pc\/wp-json\/wp\/v2\/posts\/511\/revisions"}],"wp:attachment":[{"href":"https:\/\/dukehide.com\/pc\/wp-json\/wp\/v2\/media?parent=511"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/dukehide.com\/pc\/wp-json\/wp\/v2\/categories?post=511"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/dukehide.com\/pc\/wp-json\/wp\/v2\/tags?post=511"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}