�� 5 �� =�ȸ��λ��

��ξϤǤϡ��=�ȸ��ǧ�ڤ��Ѥ��Sun Java System Web Proxy Server �Υ��ƥ��ݸ�ˤĤ��$��ޤ��Proxy Server �ˤϡ��٤Ƥ� Sun Java System ��С��Υ��ƥ��ƥ��e㡼��礵��Ƥ��ޤ��Proxy Server �ϡ��߱��-��0��-��³��ݤ��뤿�ᡢ�ȳ�ɸ�प��ɸ��ץ�ȥ��˴�Ť��ƹ��ۤ��Ƥ��ޤ��

��ξϤǤϡ��Ź沽��沽��ǥ��=񡢰Ź沽�ץ�ȥ��ʤɡ��Ź��˴ؤ��ܳ�ǰ��򤷤Ƥ��뤳�Ȥ�p��Ȥ��Ƥ��ޤ��ܺ٤ϡ��Introduction to SSL�פ򻲾Ȥ��Ƥ��$��

��=�١��ǧ��

ǧ�ڤȤϡ��̾��ǧ��뤿��Υץ?��Τ��ȤǤ��ͥåȥ��𤷤��äǤϡ�ǧ�ڤϡ��оݤ�¾�ȶ��̤��뤿��γμ¤ʼ��ʤǤ��=�ϡ�ǧ�ڤ򥵥ݡ��Ȥ��ˡ�� 1 �ĤǤ��

��=�ϡ��Ŀ͡��ȡ��ޤ��Ϥ��¾�Υ��ƥ��ƥ��̾p��ꤹ��ǥ��ǡ��ǹ�.��졢��ξ��=�˴ޤޤ�Ƥ��Υ��ƥ��ƥ��°��Ƥ��뤳�Ȥ��$��ޤ��

��饤��Ȥȥ��С��ξ��Ǿ��=��Ĥ��Ȥ��Ǥ��ޤ��С�ǧ�ڤȤϡ��饤��Ȥˤ�롢��С��γμ¤ʼ�� (��Υͥåȥ��ɥ쥹�ˤ��륵��С��Ф��Ǥ��ĤȤ��Ƥ��ȿ��μ��) �Ǥ��饤��ǧ�ڤȤϡ��С��ˤ�롢��饤��Ȥγμ¤ʼ�� (��饤��ȥ��եȥ��Ѥ��Ƥ��ȸ��ʤ��ͤμ��) �Ǥ��饤��Ȥϡ�ʣ��ξ��=��ͭ�Ǥ��ޤ��ϡ�1 �ͤοͤ�� ID ��ͭ��Ƥ��Τ�Ʊ��ȤǤ��

��=�ϡ��=�ȯ�Զ� (Certificate Authority��CA) �ˤ�ä�ȯ�Ԥ��졢�ǥ��̾��ʤ��ޤ��CA �ϡ��=��䤹��Ȥξ��⡢��Ȥǡ��ȥ�ͥåȤ䥨��ȥ�ͥåȤξ��=��ȯ�Ԥ�ô��ξ��⤢��ޤ��¾�Υ桼��μ��̾��θ��ڼ��ʤȤ��Ƥɤ� CA ��ꤹ�뤫�ϡ��桼��Ȥ��ꤷ�ޤ��

��=�ˤϡ��Ӿ��=�ˤ�äƼ��̤��륨��ƥ��ƥ��̾p�Τۤ��ˡ�ͭ��¡��=��ȯ�Ԥ�� CA ��̾�Ρ��Ӿ��=��ȯ�Ԥ�� CA �Υǥ��̾��ޤޤ�ޤ��

��=��Ƥ��ӥե��ޥåȤˤĤ��Ƥϡ��Introduction to SSL�פ򻲾Ȥ��Ƥ��$��


��	�Ź沽��ǽ��ͭ��ˤ��ˤϡ��p�˥��С��=�򥤥󥹥ȡ��뤷�Ƥ��ɬ�פ��ޤ��

��ǡ��١��κ�.

��С��=��׵᤹��p�ˡ��ǡ��١��.��Ƥ��ɬ�פ��ޤ��Proxy Server �Ǥϡ��С��ȳƥ��С��Υ��󥹥��󥹤��ȼ��ο��ǡ��١��ͭ�Ǥ��ޤ��ǡ��١��ϡ��?��륳��ԥ塼��ˤ$��.�Ǥ��ޤ��

��ǡ��١��.��Ȥ��ˤϡ��ڥ��ե��˻��Ѥ��ѥ���ɤ��ꤷ�ޤ��Υѥ���ɤϡ��Ź沽��줿�̿��Ѥ��ƥ��С��ư��Ȥ��ˤ�ɬ�פǤ��ѥ���ɤ�j�򤹤�Ȥ��˹�θ��ɬ�פΤ��륬��ɥ饤��ˤĤ��Ƥϡ��ֶ��Ǥʥѥ���ɤ�j��򻲾Ȥ��Ƥ��$��

��ǡ��١��Ǥϡ��ڥ��ե��ȸƤФ��.��¸��ޤ��ڥ��ե��ϡ�SSL �Ź沽�˻��Ѥ��ޤ��С��=��׵ᤷ��󥹥ȡ��뤹��Ȥ��ˤϡ��ڥ��ե��Ѥ��ޤ��=�ϡ��󥹥ȡ��뤷��Ȥ˿��ǡ��١��˳�Ǽ��ޤ��

��ڥ��ե��ϡ��Υǥ��쥯�ȥ��˰Ź沽��¸��ޤ��

��С��ϡ��ǡ��١�� 1 �Ĥ$��ͭ�Ǥ��ޤ��ޤ��С��˴ޤޤ��ƥ��󥹥��󥹤ϡ��줾��Ѥο��ǡ��١��ͭ�Ǥ��ޤ��

��ǡ��١��.��ˤ�

��С��ޤ��ϥ��С��ޥ͡��㡼�˥��Security�ץ��֤�j�򤷤ޤ��

��Create Database�ץ�󥯤򥯥�å��ޤ��

��ǡ��١��Υѥ���ɤ��Ϥ��ޤ��

�⤦��٥ѥ���ɤ��Ϥ��λ��פ򥯥�å��ޤ��

password.conf �λ��

�ǥե��ȤǤϡ�Proxy Server ��ư��p�ˡ��Ԥ˸��ǡ��١��Υѥ���ɤ��Ϥ��褦��ץ��ץȤ�ɽ��ޤ��Proxy Server ��̵�ͤǺƵ�ư��ˤϡ�password.conf �ե��˥ѥ���ɤ��¸��ɬ�פ��ޤ��Υե��ȸ��ǡ��١��?�ˤ��餵��ʤ��褦�ˤ��뤿��ˡ��Ԥ��Τϥ��ƥब��ʬ�˥��ƥ��ݸ��Ƥ��$��ˤ��Ƥ��$��

�̾��С��ϵ�ư��p�˥ѥ���ɤ��׵᤹�뤿�ᡢ/etc/rc.local �ե��ޤ�� /etc/inittab �ե��ǡ�UNIX �� SSL ��ͭ��ʥ��С��ư��뤳�ȤϤǤ��ޤ��󡣥ե��˥ץ졼��ƥ��Ȥǥѥ���ɤ��¸��Ƥ�� SSL ��ͭ��ʥ��С��ưŪ�˵�ư��뤳�Ȥ��Ǥ��ޤ��ˡ�Ϥ��Ǥ��ޤ��󡣥��С�� password.conf �ե��ϡ�root �ޤ��ϥ��С��򥤥󥹥ȡ��뤷��桼��$��ͭ��ν�ͭ�ԤΤߤ��Υե��ɤ߼�ꤪ��ӽ񤭹��ߥ��Ĥ٤��Ǥ��

UNIX �ǡ�password.conf �ե�� SSL ��ͭ��ʥ��С��Υѥ���ɤ��¸��Ƥ��ȡ��ƥ��Υꥹ��礭��ʤ�ޤ��ե��˥��Ǥ��桼��ʤ�ï�Ǥ⡢SSL ��ͭ��ʥ��С��Υѥ���ɤ˥��Ǥ��뤫��Ǥ��äơ�SSL ��ͭ��ʥ��С��Υѥ���ɤ�password.conf �ե��¸��p�ˡ��ƥ��Υꥹ��ˤĤ��Ƹ�Ƥ��Ƥ��ɬ�פ��ޤ��

Windows �ǡ�NTFS �ե��륷��ƥ��Ѥ��ϡ�password.conf �ե��Ѥ��ʤ��Ƥ⡢��)�¤ˤ�äƤ��Υե��¸��Ƥ��ǥ��쥯�ȥ�Υ��ƥ��ݸ�Ƥ��$��$��Υǥ��쥯�ȥ�ˤϡ��С��Υ桼�� Proxy Server �Υ桼��Ф��ɤ߼�ꤪ��ӽ񤭹��ߵ�Ĥ��ɬ�פ��ޤ��ǥ��쥯�ȥ�Υ��ƥ��ݸ�Ƥ��ȡ�¾�Ԥ�� password.conf �ե��.��뤳�Ȥ��ɤ��ޤ��FAT �ե��륷��ƥ��Ǥϡ��ǥ��쥯�ȥ��ե��ؤΥ��)�¤��Ƥ⡢�ǥ��쥯�ȥ��ե��Υ��ƥ��ݸ�뤳�ȤϤǤ��ޤ��

SSL ��ͭ��ʥ��С��ưŪ�˵�ư

SSL ��ͭ��ʥ��С��ưŪ�˵�ư��ˤ�

SSL ��ͭ��ˤʤäƤ��뤳�Ȥ��ǧ��ޤ��

Proxy Server ��󥹥��󥹤� config ��֥ǥ��쥯�ȥ��ˡ�� password.conf �ե��.��ޤ��

Proxy Server �˴ޤޤ�Ƥ�� PKCS #11 ��եȥ��Ź沽�⥸�塼��Ѥ��Ƥ��ˤϡ��ξ��Ϥ��ޤ��
internal:your_ password

�̤� PKCS #11 �⥸�塼�� (�ϡ��ɥ��ΰŹ沽�ޤ��ϥϡ��ɥ��졼��) ��Ѥ��Ƥ��ϡ�PKCS #11 �⥸�塼��̾p��ꤷ��θ��˥ѥ���ɤ��Ϥ��ޤ��򼡤˼��ޤ��
nFast:your_ password

password.conf �ե��.��Ǥ⡢Proxy Server ��ư��Ȥ��ˤϡ��ѥ���ɤ��Ϥ��褦��ץ��ץȤ�ɽ��ޤ��

VeriSign ��=��׵ᤪ��ӥ��󥹥ȡ��

VeriSign �ϡ�Proxy Server �ο侩��=�ȯ�ԶɤǤ��VeriSign �Υƥ��Υ?�ˤ�äơ��=�ꥯ��ȥץ?��ϥ��ץ�ˤʤ�ޤ��VeriSign �ϡ�ľ�ܥ��С��Ф��ƾ��=��֤��Ȥ��$��ޤ��

��С��˾��=��ǡ��١��.�塢��=��׵ᤷ��=�ȯ�Զ� (CA) �ˤ��ФǤ��ޤ��Ҥ��ȼ�� CA ��ˤϡ��礫��ȯ�Ԥ��=��׵ᤷ�ޤ�� CA ��ξ��=��ͽ�ꤷ�Ƥ��ˤϡ�CA ��j�ꤷ��CA ��ɬ�פȤ��Υե��ޥåȤ��ꤷ�Ƥ��$��

��С��ϡ��С��=�� 1 �Ĥ��ͭ�Ǥ��ޤ��󡣳ƥ��С��Υ��󥹥��󥹤ϡ��ѤΥ��С��=��ͭ�Ǥ��ޤ��

VeriSign ��=��׵�

VeriSign ��=�Υ��󥹥ȡ��

VeriSign ��=��׵�

VeriSign ��=��׵᤹��ˤ�

��С��ޤ��ϥ��С��ޥ͡��㡼�˥��Security�ץ��֤�j�򤷤ޤ��

��Request VeriSign Certificate�ץ�󥯤򥯥�å��ޤ��

ɽ��ڡ��˵��ܤ��Ƥ��ǧ��λ��פ򥯥�å��ޤ��VeriSign Enrollment Wizard�פ�ɽ��졢��礬��֤˻ؼ��ޤ��

VeriSign ��=�Υ��󥹥ȡ��

VeriSign ��=�򥤥󥹥ȡ��뤹��ˤ�

��С��ޤ��ϥ��С��ޥ͡��㡼�˥��Security�ץ��֤�j�򤷤ޤ��

��Install VeriSign Certificate�ץ�󥯤򥯥�å��ޤ��

��ΰŹ沽�⥸�塼��Ѥ��ʳ��ϡ��Cryptographic Module�ץɥ�åץ%��ꥹ�Ȥ��Internal�פ�j�򤷤ޤ��

��ڥ��ե��ѥ���ɤޤ�� PIN ��Ϥ��ޤ��

�ɥ�åץ%��ꥹ�Ȥ��$��Transaction ID�פ�j�򤷡��λ��פ򥯥�å��ޤ��

�ۤ��Υ��С��=��׵ᤪ��ӥ��󥹥ȡ��

VeriSign �Τۤ��ˡ�¾�ξ��=�ȯ�Զɤ��ξ��=��׵ᤷ��󥹥ȡ��뤹�뤳�Ȥ��Ǥ��ޤ��Ҥޤ��ȿ��ȼ��=��󶡤��Ƥ��⤢��ޤ��Ǥϡ��ۤ��μ��Υ��С��=��׵ᤪ��ӥ��󥹥ȡ��뤹��ˡ�ˤĤ��$��ޤ��

ɬ�פ� CA ��

�ۤ��Υ��С��=��׵�

�ۤ��Υ��С��=�Υ��󥹥ȡ��

ɬ�פ� CA ��

�׵��Ϥ��p�ˡ�CA ��ɬ�פȤ��ǧ��Ƥ��ɬ�פ��ޤ��ɬ�פʾ��Υե��ޥåȤ� CA �ˤ�äưۤʤ�ޤ��̾�ϡ��˼��ꤹ��褦�˻��ꤵ��ޤ��ξ��ΤۤȤ�ɤϡ��=�ι��ξ��ˤϡ��̾�ɬ�פ��ޤ��

�׵�Ԥ�̾p: ��=�ȯ�Ԥ��оݤ�̾p�Ǥ��

��ֹ�: �׵�Ԥ��ֹ�Ǥ��

��̾: DNS ��ǻ��Ѥ��봰t��ۥ��̾�Ǥ��ɬ�פ��ޤ� (��Ȥ��С�www.example.com)��

�Żҥ᡼�륢�ɥ쥹: �桼�� CA �Ȥδ֤�Ϣ��˻��Ѥ��롢�Ż��Żҥ᡼�륢�ɥ쥹�Ǥ��

�ȿ�: �桼��β�ҡ��鵡�ء��ȿ��ʤɤθ��ˡŪ��̾p�Ǥ��ۤȤ�ɤ� CA �ϡ��ξ��ӥ��ͥ��饤��󥹤Υ��ԡ��ʤɤ�ˡŪʸ��Ǿ��$��褦��׵ᤷ�ޤ��

�ȿ�ñ��: ��ȿ�ñ�̤��$Ǥ��

�Զ�Į¼̾: �ȿ��ߤ��Իԡ��ޤ��Ϲ�̾��$Ǥ��

��ƻ�ܸ�̾: ��Ҥ��ߤ��ƻ�ܸ�̾�Ǥ��

��: ��̾�� 2 ʸ��ξ�ά�� (ISO�ե��ޥå�) �Ǥ��Ȥ��С��ƹ�ι񥳡��ɤ� US �ˤʤ�ޤ��

��٤Ƥξ��ϡ��̾ (DN) �ȸƤФ�롢��Ϣ��°-��°-�ͤΥڥ��Ȥ��Ʒ�礵��Ƥ��ꡢ��ˤ��=�ι��ܤ��դ˼��̤��뤳�Ȥ��Ǥ��ޤ��

��Ѥ� CA ��=��ϡ��=�ȯ�Ԥ��p�ˡ��嵭�Τۤ��ˤɤ�ʾ��ɬ�פȤ��Ƥ��Τ��Τ뤿��ˡ��p�� CA �˳�ǧ��Ƥ��ɬ�פ��ޤ��ۤȤ�ɤ� CA �Ǥϡ��̾��ξ��$��׵ᤷ�ޤ��Ȥ��С��̾�䡢��Ҥˤ�äƥ��С��Ը��¤�Ϳ��Ƥ��ͤ�̾p��ǧ��ޤ��ơ��ˤ�äƤϡ��󶡤��Ѥ��ˡŪ��桼��äƤ��뤫�ɤ��Ҥͤ��뤳�Ȥ⤢��ޤ��

��ξ�� CA �Ǥϡ��Ű�줷��̾��󶡤��ȿ��Ŀͤ��Ф��ơ��˾ܺ٤�5��-�ι⤤��=��ȯ�Ԥ��ޤ��Ȥ��С��Ŀͤ� www.example.com �Ȥ��ȤΥ��ԥ塼��5��ʴ��ԤǤ��Ȥ��Ȥ��ǧ��Ȥ˲ä��ơ��Ȥ�� 3 ǯ�֤ˤ錄�äƱ��Ĥ��Ƥ��ꡢ��߸ܵҤȷ��ʾ٤��ʤ��Ȥ� CA ��ǧ��Ȥ��Ҥ��줿��=��뤳�Ȥ�Ǥ��ޤ��

�ۤ��Υ��С��=��׵�

�ۤ��Υ��С��=��׵᤹��ˤ�

��С��ޤ��ϥ��С��ޥ͡��㡼�˥��Security�ץ��֤�j�򤷤ޤ��

��Request Certificate�ץ�󥯤򥯥�å��ޤ��

��=񤫾��=�ι��j�򤷤ޤ��¿��ξ��=�ϡ�6 �� 1 ǯ�ʤɤΰ��֤��в᤹��ȡ�ͭ��¤��ڤ�ޤ��ưŪ�˹��=��Ƥ�� CA �⤢��ޤ��

��=��׵��ˡ��ꤷ�ޤ��

�Żҥ᡼��׵��ˤϡ��CA Email Address�פ�j�򤷤ơ��׵�˻��Ѥ��Ŭ�ڤ��Żҥ᡼�륢�ɥ쥹��Ϥ��ޤ��

CA �� Web ��Ȥ��׵��ˤϡ��CA URL�פ�j�򤷤ơ��׵�˻��Ѥ��Ŭ�ڤ� URL ��Ϥ��ޤ��

��Cryptographic Module�ץɥ�åץ%��ꥹ�Ȥ��顢��=��׵᤹��Ȥ��˻��Ѥ��븰�ڥ��ե��ΰŹ沽�⥸�塼��j�򤷤ޤ��

��ڥ��ե��Υѥ���ɤ��Ϥ��ޤ��Υѥ���ɤϡ��Internal�װʳ��ΰŹ沽�⥸�塼��j�򤷤Ƥ��ʤ��ꡢ��ǡ��١��.��Ȥ��˻��ꤷ��ѥ���ɤ�Ʊ��Ǥ��С��ϡ��Υѥ���ɤ��Ѥ��ơ��桼��$��ꡢCA ��Ф��å��Ź沽��ꤷ�ޤ��ơ��桼��θ��ȰŹ沽��줿��å��ξ�� CA ��ޤ��CA �ϡ��Ѥ��ƥ�å��沽��ޤ��

̾p��ֹ�ʤɤμ��̾��Ϥ��ޤ��ξ��Υե��ޥåȤϡ�CA �ˤ�äưۤʤ�ޤ��ξ��ΤۤȤ�ɤϡ��=�ι��ξ��ˤϡ��̾�ɬ�פ��ޤ��

5�Τ˹Ԥ��ᡢ��Ƥ�ľ��ơ��λ��פ򥯥�å��ޤ��5�ΤǤ��С��=��᤯��ǧ��ޤ��׵��=񥵡��С��Ȥ��p�ˡ��ե��ǧ��褦��ץ��ץȤ�ɽ��ޤ��

��С��ϡ��Ϥ��ޤ��=�ꥯ��Ȥ��.��ޤ��׵�ˤϡ��桼��Ѥ��ƺ�.��줿�ǥ��̾��ޤޤ�ޤ��CA �ϡ��ǥ��̾��Ѥ��ơ��С��ԥ塼�� CA ��դ��Ƥ��֡��׵᤬��5��ѹ��Ƥ��ʤ��Ȥ��ǧ��ޤ��ޤ��׵᤬��5��ѹ��줿�褦�ʾ��ˤϡ��̾� CA ��ä�Ϣ�?��ޤ��

�׵��Żҥ᡼��ˤϡ��С��׵��ޤ��Żҥ᡼��å��.��ơ�CA ��ޤ��̾�Żҥ᡼��ˤ��=��֤��ޤ��=񥵡��С�� URL ��ꤷ��ϡ��С�� URL ��Ѥ��ƾ��=񥵡��С��ˤ��׵��ޤ��CA �ˤ�äơ��Żҥ᡼��ֿ��뤫��¾�μ��ʤˤʤ뤫�ϰۤʤ�ޤ��

CA �ϡ��=��ȯ�Ԥ��뤳�Ȥ�Ʊ�դ��뤫�ɤ��Τ��ޤ��ۤȤ�ɤξ�硢CA �ϡ��Żҥ᡼��Ǿ��=��ޤ��°��Ƥ��ȿ��=񥵡��С��Ѥ��Ƥ��ˤϡ��=񥵡��С��Υե��Ѥ��ƾ��=�򸡺�Ǥ��ޤ��

��=��ä��顢��򥤥󥹥ȡ��뤷�ޤ��ޤǤδ֤ϡ�SSL ��Ѥ�� Proxy Server ��ѤǤ��ޤ��

�ۤ��Υ��С��=�Υ��󥹥ȡ��

CA ��=��Ȥ��ˤϡ��桼��$��沽�Ǥ��褦�ˡ��ǰŹ沽��Ƥ��ޤ��ǡ��١��5��ѥ���ɤ��Ϥ��ʤ��ȡ��=��沽��󥹥ȡ��뤹�뤳�ȤϤǤ��ޤ��


��	�� CA �˾��=��׵ᤷ�Ƥ⡢ɬ��=�ȯ�Ԥ��Ȥϸ¤�ޤ��¿�� CA �Ǥϡ��=��ȯ��p�ˡ��桼��μ��̾��ξ��$��׵ᤷ�ޤ��ޤ��ǧ��ޤǤˤϡ�1 ��֤��뤳�Ȥ��ޤ��ɬ�פʾ��򤹤٤ƿ�®�� CA ��󶡤��뤳�Ȥ��פǤ��

��饤��Ȥ��󼨤��뤿��Ρ��桼��Υ��С��ξ��=�

��=�e��ǻ��Ѥ��롢CA ��ȼ��ξ��=�

��ꤵ�줿 CA �ξ��=�

��=�e��ϡ�Ϣ³��=�ȯ�Զɤˤ�äƽ�̾��줿��Ϣ�γ��Ū��=�Ǥ��CA ��=�ϡ��=�ȯ�Զɤ��̤��ξ��=�ȯ�Զɤˤ�ä�ȯ�Ԥ��=�˽�̾��뤿��˻��Ѥ��ޤ��CA ��=�ϡ��˿� CA �� CA ��=�ˤ�äƽ�̾��Ȥ��褦�ˡ��˥롼�� CA �ޤǽ�̾��뤳�Ȥ��Ǥ��ޤ��

CA ��=��Ȥ��ˤϡ��桼��$��沽�Ǥ��褦�ˡ��ǰŹ沽��Ƥ��ޤ��Proxy Server �ϡ��=�򥤥󥹥ȡ��뤹��ݡ��ξ��=��椹��Τ˻��ꤷ��ڥ��ե��ѥ���ɤ��Ѥ��ޤ��С��ǽ�ʾ��ˤ��Żҥ᡼��¸��뤫��ޤ��Ϥ��Żҥ᡼��Υƥ��Ȥ򥳥ԡ��μ��$��Install Certificate�ץե��˥ڡ��ȤǤ��褦�ˤ��ޤ��

¾�Υ��С��=�򥤥󥹥ȡ��뤹��ˤ�


��	CA �� CA �ξ��=��ưŪ�˥桼��ʤ��ˤϡ��=��׵ᤷ�Ƥ��$��¿�� CA �ϡ��桼��ξ��=��Żҥ᡼��ݤ� CA ��=��Ʊ��Ƥ��뤿�ᡢ�桼��Υ��С��Ǥϡ�ξ��ξ��=�Ʊ��˥��󥹥ȡ��뤵��ޤ��

��С��ޤ��ϥ��С��ޥ͡��㡼�˥��Security�ץ��֤�j�򤷤ޤ��

��Install Certificate�ץ�󥯤򥯥�å��ޤ��

��Certificate�פβ��Υ��󥹥ȡ��뤹��=�μ��j�򤷤ޤ��

This Server

Server Certificate Chain

Certification Authority

��ˤĤ��Ƥϡ��饤��إ�פ򻲾Ȥ��Ƥ��$��

�ɥ�åץ%��ꥹ�Ȥ��Ź沽�⥸�塼��j�򤷤ޤ��

��ڥ��ե��ѥ���ɤ��Ϥ��ޤ��

�� 3 �ǡ�Server Certificate Chain�פޤ��ϡ�Certification Authority�פ�j�򤷤��$��=��̾p��Ϥ��ޤ��

��Τ��줫��ˡ�ǡ��=�ξ��ꤷ�ޤ��

��Message Is In This File�פ�j�򤷤ơ�CA ��=��ޤ�ե��Υե�ѥ�̾��Ϥ��ޤ��

��Message Text (with headers)�פ�j�򤷤ơ�CA ��=��Ƥ򥳥ԡ��ƥڡ��Ȥ��ޤ��Begin Certificate �� End Certificate �إå!��ޤ�褦�ˤ��Ƥ��$��ޤ��Ƭ��Υϥ��ե��˺��ʤ��Ǥ��$��

��λ��פ򥯥�å��ޤ��

��Τ��줫��j�򤷤ޤ��

��=�򥤥󥹥ȡ��뤹��ϡ��Add Certificate�ס�

��줿��=�򥤥󥹥ȡ��뤹��ϡ��Replace Certificate��

��=�ϡ��С��ξ��=�ǡ��١��˳�Ǽ��ޤ��򼡤˼��ޤ��

��=�ΰܹ�

Sun ONE Web Proxy Server 3.6 (iPlanet Web Proxy Server �Ȥ�ƤФ��) �� Sun Java System Web Proxy Server 4 �ذܹԤ��Ȥ��ϡ��ǡ��١��=�ǡ��١��Ϥ�Ȥ��ե��뤬��ưŪ�˹��ޤ��

Proxy Server 4 ��С��ˡ��p�� 3.x �ǡ��١��ե��Ф��ɤ߼��Ĥ��뤳�Ȥ��ǧ��ޤ��Υե��ϡ�alias-cert.db �� alias-key.db �ǡ�3.x_server_root/alias �ǥ��쥯�ȥ�ˤ��ޤ��

��С��ǥ��ƥ��ͭ��ˤʤäƤ��$��ڥ��ե��Ⱦ��=񤬰ܹԤ��ޤ��С��ȥ��С��ޥ͡��㡼�Ρ�Security�ץ��֤ˤ��Migrate 3.x Certificates�ץ��ץ��Ѥ��ơ��Ⱦ��=�$��ܹԤ��뤳�Ȥ�Ǥ��ޤ��ˤĤ��Ƥϡ��饤��إ�פ򻲾Ȥ��Ƥ��$��

��p�ΥС��Ǥϡ��=�ȸ��ڥ��ե��ϡ�ʣ��Υ��С��󥹥��󥹤ˤ�äƻ��Ѥ��ǽ-�Τ��륨��ꥢ��ˤ�äƻ��Ȥ��Ƥ��ޤ��С��ϡ��٤ƤΥ��ꥢ��Ȥ��ι�.��ǤǤ��=��Ƥ��ޤ��Sun Java System Web Proxy Server 4 �Ǥϡ��С��ȳƥ��С��󥹥��󥹤��ȼ��ξ��=�ȸ��ڥ��ե��뤬��ꡢ��ꥢ��ǤϤʤ��ǡ��١��Ȥ��ƻ��Ȥ��ޤ��

��С��ΤˤĤ��Ƥϡ��ǡ��١��Ȥ��ι�.��ǤǤ��=�δ��ϴ��С��ǹԤ��С��󥹥��󥹤ˤĤ��Ƥϡ��С��ޥ͡��㡼�ǹԤ��ޤ��=񤪤�Ӹ��ڥ��ǡ��١��ե��ϡ��Ѥ��륵��С��󥹥��̾��Ȥäơ�̾�դ��ޤ��p�ΥС��ʣ��Υ��С��󥹥��󥹤�Ʊ��ꥢ��Ѥ��Ƥ��ϡ��ܹԤ��ȡ��=�ȸ��ڥ��ե��Ͽ��С��󥹥��󥹤�̾p��Ȥä�̾p�ѹ��ޤ��

��С��󥹥��󥹤˴�Ϣ�Τ��뿮��ǡ��١��t�Τ��ܹԤ��ޤ��p�Υǡ��١��˥ꥹ�Ȥ��Ƥ�� CA �Ϥ��٤ơ�Proxy Server 4 �ǡ��١��˰ܹԤ��ޤ��CA ��ʣ��Ƥ��ˤϡ�ͭ��¤��ڤ��ޤǰ�p�� CA ��Ѥ��ޤ��ʣ��Ƥ�� CA �Ϻ��ʤ��Ǥ��$��

Proxy Server 3.x ��=�ϡ��ݡ��Ȥ��Ƥ�� Network Security Services (NSS) �Υե��ޥåȤ˰ܹԤ��ޤ��=�ϡ�� (�Ĥޤꡢ��С��Ρ�Security�ץ��֤��С��ޥ͡��㡼�Ρ�Security�ץ��) �Ρ�Proxy Server�ץڡ��˱��̾p��դ��ޤ��

��=��ܹԤ��ˤ�

�?��륳��ԥ塼��С��ޤ��ϥ��С��ޥ͡��㡼�˥��Security�ץ��֤򥯥�å��ޤ��

��Migrate 3.x Certificates�ץ�󥯤򥯥�å��ޤ��

3.6 ��С��󥹥ȡ��뤵��Ƥ��롼�ȥǥ��쥯�ȥ��ꤷ�ޤ��

��Υ��ԥ塼��Υ��ꥢ��ꤷ�ޤ��

��ԤΥѥ���ɤ��Ϥ��λ��פ򥯥�å��ޤ��

�Ȥ߹��ߥ롼�Ⱦ��=�⥸�塼��λ��

ưŪ��ɤ߹��߲�ǽ�ʥ롼�Ⱦ��=�⥸�塼�뤬��Proxy Server �˴ޤޤ�Ƥ��ꡢVeriSign ��ޤ�¿�� CA �Υ롼�Ⱦ��=񤬳�Ǽ��Ƥ��ޤ��롼�Ⱦ��=�⥸�塼��Ѥ��ȡ��ñ��ˡ�ǥ롼�Ⱦ��=�򿷤��С��˥��åץ��졼�ɤǤ��ޤ��p�ΥС��Ǥϡ��Ť��롼�Ⱦ��=�� 1 �Ĥ��ĺ��θ忷��롼�Ⱦ��=�� 1 �Ĥ��ĥ��󥹥ȡ��뤹��ɬ�פ��ޤ��ߤϡ��롼�Ⱦ��=�⥸�塼��ե�� Proxy Server �ο��С��ع��$��ǡ��Ū�� CA ��=�򥤥󥹥ȡ��Ǥ��ޤ��ξ��=�⥸�塼��ե��Ͼ�� Proxy Server �ΥС��Ǥ��³��ƻ��ѤǤ��ޤ��

�롼�Ⱦ��=�� PKCS #11 �Ź沽�⥸�塼��Ȥ��Ƽ��Ƥ��뤿�ᡢ�⥸�塼��˴ޤޤ�Ƥ��롼�Ⱦ��=��뤳�ȤϤǤ��ޤ��󡣺��Υ��ץ��ϡ��롼�Ⱦ��=��Ȥ��ˤ�ɽ��ޤ��󡣥��С��󥹥��󥹤��롼�Ⱦ��=��ϡ��С�� alias �ե��Ǽ��ξ��С��롼�Ⱦ��=�⥸�塼��̵��ˤǤ��ޤ��

libnssckbi.so (�ۤȤ�ɤ� UNIX �ץ�åȥե��)

nssckbi.dll (Windows)

�롼�Ⱦ��=�⥸�塼��򤢤Ȥ��ϡ�server_root/bin/proxy/lib (UNIX) �ޤ�� server_root¥bin¥proxy¥bin (Windows) ��顢��ĥ�Ҥ��ĥե�� alias ��֥ǥ��쥯�ȥ�˥��ԡ��ơ��ξ��᤹��Ȥ��Ǥ��ޤ��

�롼�Ⱦ��=�ο��ѹ��Ǥ��ޤ��ϡ��Խ��륵��С��󥹥��󥹤ξ��=�ǡ��١��˽񤭹��ޤ졢�롼�Ⱦ��=�⥸�塼�뤽�Τ�Τˤ��ᤵ��ޤ��

��=�δ��

�桼��Υ��С��˥��󥹥ȡ��뤵�줿��ޤ��ޤʾ��=�ο��ͤ�ɽ��ޤ��Խ��Ǥ��ޤ��ˤϡ��桼��Ȥξ��=�� CA ��$��=��ޤޤ�ޤ��

��=��ˤ�

��С��ޤ��ϥ��С��ޥ͡��㡼�˥��Security�ץ��֤�j�򤷤ޤ��

��Manage Certificates�ץ�󥯤򥯥�å��ޤ��

��Ź沽�⥸�塼��Ѥ��ơ��ǥե��ξ��=��ˤϡ��󥹥ȡ��뤵��Ƥ��뤹�٤Ƥξ��=�Υꥹ�Ȥ��μ��̤��ͭ��¤ȤȤ��ɽ��ޤ��=�Ϥ��٤ơ��ǥ��쥯�ȥ� server_root/alias �˳�Ǽ��ޤ��

�ϡ��ɥ��졼��ʤɤγ��ΰŹ沽�⥸�塼��Ѥ��Ƥ��ˤϡ��ƥ⥸�塼��Υѥ���ɤ�ǽ��Ϥ��λ��פ򥯥�å��ޤ��⥸�塼��˾��=��Ȥ߹��ޤ졢��=�ꥹ�Ȥ��ޤ��

��=��̾p�򥯥�å��ޤ��μ��ξ��=�˴ؤ��ץ��Τ��ڡ��ɽ��ޤ��饤��Ȥο��ޤ��Ǥ��Τϡ�CA ��=�$��Ǥ��ΰŹ沽�⥸�塼��ˤϡ��=��Ǥ��ʤ��Τ⤢��ޤ��

ɬ�פ��Ԥ��ޤ��Υ��ץ��ѤǤ��ޤ��

��Ū�˼��$��=�ˤĤ��Ƥϡ��Delete certificate�פޤ��ϡ�Quit��

CA ��ȯ�Ԥ��줿��=�ˤĤ��Ƥϡ��Set client trust�ס��Unset server trust�ס��ޤ��ϡ�Quit��

��=��ˤϡ��ͭ�Ԥ�ȯ�ԼԤ��ޤޤ�ޤ��Ǥϡ��饤��Ȥο��ꤷ��ꡢ��С��ο��Ǥ��ޤ��LDAP ��С��=�ξ��ϡ��С��ꤵ��Ƥ��ɬ�פ��ޤ��

CRL �� CKL �Υ��󥹥ȡ��ȴ��

��=�μ��ꥹ�� (Certificate Revocation List��CRL) ��Ӵ��ز��ꥹ�� (Compromised Key List��CKL) �ϡ��饤��Ȥޤ��ϥ��С��Υ桼��ꤹ�٤��Ǥʤ��=񤪤�Ӹ��Τ餻�ޤ��=��ͭ��¤��ڤ��p�˥桼��̳��ѹ��ꡢ��ȿ��Υ��褦�ʾ��ʤɡ��=�Υǡ��Ѥ�ä��ˤϡ��ξ��=��̵��ˤʤꡢ��Υǡ�� CRL ��ɽ��ޤ��5��ѹ��줿�ꡢ��¾��5�˻��Ѥ��줿�ꤷ��ˤϡ��θ��Ȥ��Υǡ�� CKL ��ɽ��ޤ��CRL �� CKL �ϡ�ξ��Ȥ� CA �ˤ�äƺ�.��졢��Ū�˹��ޤ��Υꥹ�Ȥμ��$ˤĤ��Ƥϡ�� CA �ˤ��䤤��碌��$��

CRL �ޤ�� CKL �Υ��󥹥ȡ��

CRL �� CKL �δ��

CRL �ޤ�� CKL �Υ��󥹥ȡ��

CRL �ޤ�� CKL �򥤥󥹥ȡ��뤹��ˤ�

CA �� CRL �ޤ�� CKL ��$��ơ��?��ǥ��쥯�ȥ�˥%��?�ɤ��ޤ��

��С��ޤ��ϥ��С��ޥ͡��㡼�˥��Security�ץ��֤�j�򤷤ޤ��

��Install CRL/CKL�ץ�󥯤򥯥�å��ޤ��

��Τ��줫��j�򤷤ޤ��

Certificate Revocation List

Compromised Key List

��󥹥ȡ��뤹��ե��ؤΥե�ѥ�̾��Ϥ��ơ��λ��פ򥯥�å��ޤ��Add Certificate Revocation List�ץڡ��ޤ��ϡ�Add Compromised Key List�ץڡ��ɽ��졢CRL �ޤ�� CKL �ξ��󤬰��ɽ��ޤ��ǡ��١�� CRL �ޤ�� CKL ��Ǥˤ��ˤϡ��Replace Certificate Revocation�ץڡ��ޤ��ϡ�Replace Compromised Key List�ץڡ��ɽ��ޤ��

CRL �ޤ�� CKL ��ɲäޤ��ִ��ޤ��

CRL �� CKL �δ��

CRL �� CKL ��ˤ�

��С��ޤ��ϥ��С��ޥ͡��㡼�˥��Security�ץ��֤�j�򤷤ޤ��

��Manage CRL/CKL�ץ�󥯤򥯥�å��ޤ��Manage Certificate Revocation Lists/Compromised Key Lists�ץڡ��ɽ��ޤ��󥹥ȡ��뤵��Ƥ��뤹�٤Ƥ� CRL �� CKL ��ͭ��¤ȤȤ�˰��ɽ��ޤ��

��Server CRLs�פޤ��ϡ�Server CKLs�ץꥹ�ȤΤɤd餫��=��j�򤷤ޤ��

��Delete CRL�פޤ��ϡ�Delete CKL�פ�j�򤷤� CRL �ޤ�� CKL ��뤫��Quit�פ�j�򤷤ƴ��ڡ��ޤ��

��ƥ��˴ؤ��ܺ��

��=��$��ȡ��С��Υ��ƥ��ݸ�򳫻ϤǤ��ޤ��Sun Java System Web Proxy Server �ˤϡ��$��褦�ʡ�¿��Υ��ƥ��ǽ��Ѱդ��Ƥ��ޤ��

�Ź沽�Ȥϡ��оݤȤ��԰ʳ��οͤ��ɤ�ʤ��褦��Ƥˤ��뤿��Ρ��Ѵ��ץ?��Τ��ȤǤ��沽�Ȥϡ��Ź沽��줿��Ƚ�ɲ�ǽ�ʾ��֤��᤹��Ρ��Ѵ��ץ?��Τ��ȤǤ��Proxy Server �ϡ�Secure Sockets Layer (SSL) �� Transport Layer Security (TLS) �Ź沽�ץ�ȥ��򥵥ݡ��Ȥ��Ƥ��ޤ��

�Ź沽��Ȥϡ��Ź沽�ޤ��沽�˻��Ѥ��Ź楢�르�ꥺ�� (��شؿ�) �Τ��ȤǤ��SSL �� TLS �ץ�ȥ��ˤϡ�¿��ΰŹ沽��Υ��åȤ��ޤޤ�Ƥ��ޤ��Ź沽��ˤϡ��ۤ��٤ƶ��ϤǤ�ꥻ��ƥ��-�ι⤤��Τ⤢��ޤ��Ū�ˡ��Ź沽��ǻ��Ѥ��ӥåȿ�¿��ۤɡ��ǡ��沽��񤷤��ʤ�ޤ��

��ΰŹ沽�ץ?��Ǥϡ�ɬ��¦�ȼ�¦��ξ��Ʊ��Ź沽��Ѥ��ɬ�פ��ޤ��¿��ΰŹ沽��뤿�ᡢ�Ǥ��Ū�˻��Ѥ��Ƥ��Ф��ƥ��С��ͭ��ˤ��Ƥ��ɬ�פ��ޤ��

��ƥ��ݸ�줿��³��ˤϡ��饤��Ȥȥ��С��ϡ��̿��ˡ��Ƥ�Ǥ⶯�ϤʰŹ沽��Ѥ��ޤ��SSL 2.0��SSL 3.0�� TLS �ץ�ȥ��뤫��Ź沽��j��Ǥ��ޤ��

�Ź沽�ץ?��$��Ǥϡ��С��ε�̩��Υ��ƥ��ݸ�ˤϽ�ʬ�ǤϤ��ޤ��󡣼ºݤ˰Ź沽��̤�8.��ꡢ��Ǥ˰Ź沽��줿��沽��뤿��ˤϡ��Ź沽��Ȱ��˸��Ѥ��ɬ�פ��ޤ��Ź沽�ץ?��Ǥϡ��η�̤�Ф�� 2 �Ĥθ��Ѥ��ޤ��1 �Ĥϸ��ǡ��⤦ 1 �Ĥ��Ǥ��Ѥ��ưŹ沽��줿��ϡ��б��Ѥ��ˤΤ��沽�Ǥ��ޤ��ϡ��=�ΰ��Ȥ��ȯ�Ԥ��ޤ��б��$��ƥ��ݸ��ޤ��


��	SSL 2.0 ��ꤢ�ȤΥС��ǡ��ƥ��ȥѥե��ޥ󥹤��夷�Ƥ��ޤ��ƥ�� SSL 3.0 ��ѤǤ��ʤ��饤��Ȥ�¸�ߤ��SSL 2.0 ��Ѥ��ʤ��Ǥ��$��饤��Ⱦ��=�ϡ�SSL 2.0 �Ź沽��Ǥ�ư��ݾڤ��Ƥ��ޤ��

�Ƽ�Ź沽��Υ��åȤˤĤ��Ƥ��$ȡ��Ӿ��=�ˤĤ��Ƥϡ��Introduction to SSL�פ򻲾Ȥ��Ƥ��$��

��С��ѤǤ��Ź沽��ꤹ��ˤϡ�Proxy Server �Υ桼��󥿥ե��顢�ꥹ��ΰŹ沽��j�򤷤ޤ��ΰŹ沽��Ѥ��ƤϤʤ�ʤ��ͳ��٤Ƥ�j�򤹤�褦�ˤ��ޤ��$��Ŭ�Ǥʤ��Ȼפ��Ź沽��ͭ��ˤ��ɬ�פϤ��ޤ��


�ٹ�	��Enable No Encryption, Only MD5 Authentication�פ�j�򤷤ʤ��Ǥ��$��饤��¦�Ǥ��¾�ΰŹ沽��ѤǤ��ʤ��ˤϡ��С��ǥե��Ȥˤ�ꤳ��Ѥ��Ź沽�ϹԤ��ޤ��

SSL �� TLS �ץ�ȥ��

SSL ��Ѥ�� LDAP �Ȥ��̿�

Proxy Server ��𤷤� SSL �Υȥ�ͥ��

SSL �ȥ�ͥ�󥰤��

�Ե��åȤΥ��ƥ��ͭ��

��ƥ��Υ��?�Х��

SSL �� TLS �ץ�ȥ��

Proxy Server �Ǥϡ��Ź沽�̿��Ȥ�� SSL �� TLS �ץ�ȥ��򥵥ݡ��Ȥ��Ƥ��ޤ��SSL �� TLS �ϥ��ץꥱ��ˤϰ�¸��桼��˰ռ��ˡ��٥�Υץ�ȥ��򤳤��ξ�˳��ز��뤳�Ȥ��Ǥ��ޤ��

SSL �� TLS ��ξ�ץ�ȥ��ϡ��С��ȥ��饤��Ȥ��ߤ�ǧ�ڤ��뤿��˻��Ѥ��뤵�ޤ��ޤʰŹ沽��򥵥ݡ��Ȥ��=��ƥ��å��󸰤��ꤷ�ޤ��饤��Ȥȥ��С��ϡ��ݡ��Ȥ��Ƥ��ץ�ȥ��䡢�Ź沽�ζ��٤ˤĤ��Ƥβ�Ҥ��ˤ��ӰŹ沽��줿��եȥ��͢�Ф��Ф��/��)��ʤɤ��װ�˴�Ť��ơ��̤ΰŹ沽��åȤ򥵥ݡ��Ȥ��뤳�Ȥ��Ǥ��ޤ��¾�ε�ǽ��Ǥ��äˡ�SSL �� TLS �ϥ�ɥ��ץ�ȥ��ϡ��ɤΰŹ沽��Υ��åȤ��̿��˻��Ѥ��뤫�򥵡��С��ȥ��饤��Ȥ��Ĥ��ˡ��ꤷ�ޤ��

SSL ��Ѥ�� LDAP �Ȥ��̿�

��С�� SSL ��Ѥ�� LDAP ��̿��褦�ˤ��ɬ�פ��ޤ��

��С�� SSL ��ͭ��ˤ��ˤ�

��С��˥��ơ��Global Settings�ץ��֤򥯥�å��ޤ��

��Configure Directory Service�ץ�󥯤򥯥�å��ޤ��

ɽ��ɽ�ǡ��ǥ��쥯�ȥꥵ��ӥ��Υ�󥯤򥯥�å��ޤ��Configure Directory Service�ץڡ��ɽ��ޤ��LDAP �١��Υǥ��쥯�ȥꥵ��ӥ��.��Ƥ��ʤ��ϡ��Create New Service of Type�ץɥ�åץ%��ꥹ�Ȥ��顢��LDAP Server�פ�j�򤷡��New�פ򥯥�å��ƥǥ��쥯�ȥꥵ��ӥ��ꤷ�ޤ��LDAP �١��Υǥ��쥯�ȥꥵ��ӥ��ɽ��Υե��ɤˤĤ��Ƥϡ��饤��إ�פ򻲾Ȥ��Ƥ��$��

��³�� SSL ��Ѥ��ϡ��Yes�פ�j�򤷤ơ��Save Changes�פ򥯥�å��ޤ��

Proxy Server ��𤷤� SSL �Υȥ�ͥ��

Proxy Server (�ץ?��) ��˼¹Ԥ��Ƥ��ơ��饤��Ȥ��ƥ��ݸ�줿��С��Ф��ƥץ?��ͳ�� SSL ��³��׵ᤷ��硢�ץ?��ϡ��ƥ��ݸ�줿��С��ؤ��³�򳫤��ޤ��θ塢��ƥ��ݸ�줿�ȥ�󥶥��ˤϲ��%ǡ��˥��ԡ��ޤ��Υץ?��ϡ�SSL �ȥ�ͥ�󥰤Ȥ��Τ��Ƥ��ޤ��פ򼡤οޤ˼��ޤ��

�� 5-1 SSL ��³��Ѥ��ȡ�Proxy Server ��ž��ǡ��򸫤뤳�Ȥ��Ǥ��ޤ��

HTTPS URL �� SSL �ȥ�ͥ�󥰤��Ѥ��ˤϡ��饤��Ȥ� SSL �� HTTPS ��ξ��򥵥ݡ��Ȥ��Ƥ��ɬ�פ��ޤ��HTTPS �ϡ�SSL ��̾�� HTTP ��Ѥ��Ƽ��ޤ��HTTPS �򥵥ݡ��Ȥ��ʤ��饤��ȤǤ⡢Proxy Server �� HTTPS �ץ?��ǽ��Ѥ��ơ�HTTPS �ɥ��Ȥ˥��Ǥ��ޤ��

SSL �ȥ�ͥ�󥰤ϡ��ץꥱ��٥� (HTTPS) �ˤϱƶd�ڤܤ��ʤ��̥�٥�Υ��ƥ��ӥƥ��Ǥ��SSL �ȥ�ͥ�󥰤ϡ��ץ?��ǽ�Τʤ� SSL ��Ʊ��餤��ƥ��ݸ��Ƥ��ޤ��֤� Proxy Server ��¸�ߤ��뤳�Ȥǡ��ƥ��?�ˤ��餵�줿�ꡢSSL �ε�ǽ��㲼��ꤹ�뤳�ȤϤ��ޤ��

�ǡ��ȥ꡼�� SSL ��Ѥ��ưŹ沽��뤿�ᡢ�ץ?��ϡ��ºݤΥȥ�󥶥��ˤϥ��Ǥ��ޤ��󡣤��Τ��ᡢ��?�Ǥϡ��⡼�ȥ��С��ä��֥��ɤ䡢�إå!�Ĺ��ɽ��뤳�Ȥ��Ǥ��ޤ��󡣤ޤ��ˤ�ꡢ�ץ?��䥵��ɥѡ��ƥ��Υץ?��ϡ��ȥ�󥶥��˵��Ǥ��ޤ��

�ץ?��ǡ��򸫤뤳�ȤϤʤ��ᡢ��饤��Ȥȥ�⡼�ȥ��С��δ֤ǻ��Ѥ��Ƥ��ץ�ȥ��뤬 SSL �Ǥ��뤳�Ȥϳ�ǧ�Ǥ��ޤ��󡣤Ĥޤꡢ�ץ?��ϡ��¾�Υץ�ȥ��Ǥ��ꤵ��뤳�Ȥ��ɤ��Ȥ��Ǥ��ʤ��Ȥ��ȤǤ⤢��ޤ��Internet Assigned Numbers Authority (IANA) �ˤ�äƳ��Ƥ��Ƥ��Ū�� SSL �ݡ��Ȥ$��ĤޤꡢHTTPS �ξ��ϥݡ�� 443��SNEWS �ξ��ϥݡ�� 563 �$�� SSL ��³��)�¤��뤳�Ȥ򤪴��ᤷ�ޤ��ƥ��ݸ�줿��С��¾�Υݡ��Ȥǲ�Ư��Ƥ��륵��Ȥ��ϡ��ۥ��ȤΤ��¾�Υݡ��Ȥ��³�Ǥ��褦�ˡ��<�Ū��㳰��Ǥ��ޤ��ϡ�connect://.* �꥽��Ѥ��ƹԤ��ޤ��

SSL �ȥ�ͥ�󥰵�ǽ�ϡ�SOCKS �˻��Ѥε�ǽ�ǡ��ץ�ȥ��뤫��Ω��Ƥ��ޤ��Τ��ᡢ��ε�ǽ�򤽤�¾�Υ��ӥ��ˤ��ѤǤ��ޤ��Proxy Server �ϡ�HTTPS �� SNEWS �ץ�ȥ��$��Ǥʤ��SSL ��б��Ǥ�դΥ��ץꥱ�� SSL �ȥ�ͥ�󥰤��б��Ǥ��ޤ��

SSL �ȥ�ͥ�󥰤��

��μ��Ǥϡ�SSL ��ȥ�ͥ�󥰤��褦�� Proxy Server ��ꤹ��ˡ�ˤĤ��$��ޤ��

SSL �ȥ�ͥ�󥰤��ꤹ��ˤ�

��С��ޥ͡��㡼�˥��ƥ��С��󥹥��󥹤�j�򤷡��Routing�ץ��֤򥯥�å��ޤ��

��Enable/Disable Proxying�ץ�󥯤򥯥�å��ޤ��

�ɥ�åץ%��ꥹ�Ȥ�� connect://.*.443 �꥽��j�򤷤ޤ��connect:// ��ϡ��ץ?��ɽ��Ǥ��ꡢ�ץ?��γ��ˤ�¸�ߤ��ޤ��connect �ˤĤ��Ƥϡ��SSL �ȥ�ͥ�󥰤ε��Ū�ܺ١��򻲾Ȥ��Ƥ��$��¾�Υݡ��Ȥ��³��Ĥ��ˤϡ��ƥ�ץ졼�Ȥ�� URL �ѥ��Ѥ��뤳�Ȥ��Ǥ��ޤ��ƥ�ץ졼�ȤˤĤ��Ƥϡ��֥ƥ�ץ졼�Ȥȥ꥽��δ��򻲾Ȥ��Ƥ��$��

��Enable Proxying Of This Resource�פ�j�򤷤ơ��λ��פ򥯥�å��ޤ��



�ٹ�	�ץ?��꤬5��ʤ��ϡ�SSL �ץ?��5�˻��Ѥ��ơ�telnet �ۥåԥ󥰤��Ԥ��ǽ-��ޤ��ۤ��Υ桼��ץ?��Ѥ��ơ��ºݤ��³��Ƥ��ۥ��Ȥ��ǤϤʤ��ץ?��ۥ��Ȥ�� telnet ��³��Ԥ��Ƥ��뤫�Τ褦�˸��뤳�Ȥ��Ǥ��ޤ��Τ��ᡢ��ɬ�פʥݡ��Ȱʳ��Ϸ褷�Ƶ�Ĥ��ʤ��Ǥ��$��ޤ��ץ?��ǥ��)�� (��饤��ȥۥ��Ȥ�)��) ��Ѥ��Ƥ��$��

SSL �ȥ�ͥ�󥰤ε��Ū�ܺ�

��Ū�ˤϡ�SSL �ȥ�ͥ�󥰤Ǥϡ��Τ褦�� CONNECT ��ۥ��̾��ӥݡ��ֹ�ȤȤ�˥ѥ�᡼��Ȥ��ƻ��Ѥ��Ԥ�³��ޤ��

Proxy Server ��5��ʱ��ϼ��Τ褦�ˤʤꡢ��θ�˶�Ԥ�³��ޤ��

HTTP/1.0 200 Connection established
Proxy-agent:Sun-Java-System-Web-Proxy-Server/4.0

��θ塢��饤��Ȥȥ�⡼�ȥ��С��δ֤��³��Ω��졢�ɤd餫��³��Ĥ��ޤǡ��ǡ��ž��Ǥ��ޤ��

��Ū�ˤϡ�URL �ѥ��˴�Ť��ŵ��Ū��굡��Ѥ��뤿��ˡ��ۥ��̾�ȥݡ��ֹ� (energy.example.com:443) �ϡ��ưŪ�˼��Τ褦�� URL �˥ޥåפ��ޤ��

connect:// �ϡ�Proxy Server �$��ǻ��Ѥ��ɽ��Ǥ��ꡢ��ưפˤ��ۤ�� URL �ѥ��줹�뤿��˻��Ѥ��ޤ��Proxy Server �γ��Ǥ� connect URL ��¸�ߤ��ޤ��Proxy Server ��Τ褦�� URL ��ͥåȥ��ȡ�̵��Ȥ��ƥޡ��׵�ν��ݤ��ޤ��

�Ե��åȤΥ��ƥ��ͭ��

��ƥ��ǽ��ͭ��ˤ��

�Ե��åȤΥ��С��=��j�򤹤�

�Ź沽��j�򤹤�

��ƥ��ǽ��ͭ��

�Ե��å��Ѥ�¾�Υ��ƥ��Ԥ��ˤϡ��ƥ��ǽ��ͭ��ˤ��Ƥ��ɬ�פ��ޤ��Ե��åȤ��.��ꡢ��¸��Ե��åȤ��Խ��ꤹ��Ȥ��ˡ��ƥ��ǽ��ͭ��ˤǤ��ޤ��

�Ե��åȤκ�.��˥��ƥ��ǽ��ͭ��ˤ��ˤ�

��С��ޤ��ϥ��С��ޥ͡��㡼�˥��Preferences�ץ��֤򥯥�å��ޤ��

��Add Listen Socket�ץ�󥯤򥯥�å��ޤ��

ɬ�פʾ��Ϥ��ޤ��ƥ��򥪥�ˤ��ˤϡ��Security�ץɥ�åץ%��ꥹ�Ȥ��Enabled�פ�j�򤷤ơ��λ��פ򥯥�å��ޤ��С��=񤬥��󥹥ȡ��뤵��Ƥ��ʤ��ϡ��Disabled�פ$��j��Ǥ��ޤ��ˤĤ��Ƥϡ��饤��إ�פ򻲾Ȥ��Ƥ��$��



��	�Ե��åȤ��.��Ȥǥ��ƥ��Ԥ��ˤϡ��Edit Listen Sockets�ץ�󥯤��Ѥ��ޤ��

�Ե��åȤ��Խ��˥��ƥ��ǽ�򥪥�ˤ��ˤ�

��С��ޤ��ϥ��С��ޥ͡��㡼�˥��Preferences�ץ��֤򥯥�å��ޤ��

��Edit Listen Sockets�ץ�󥯤򥯥�å��ޤ��

�Խ��Ե��åȤΥ�󥯤򥯥�å��ޤ��

��ƥ��򥪥�ˤ��ˤϡ��Security�ץɥ�åץ%��ꥹ�Ȥ��Enabled�פ�j�򤷤ơ��λ��פ򥯥�å��ޤ��С��=񤬥��󥹥ȡ��뤵��Ƥ��ʤ��ϡ��Disabled�פ$��j��Ǥ��ޤ��

�Ե��åȤΥ��С��=��j��

��С��ޤ��ϥ��С��ޥ͡��㡼�Τɤd餫�ǡ��桼��׵ᤷ��󥹥ȡ��뤷��С��=��Ѥ��褦��Ե��åȤ��Ǥ��ޤ��

�Ե��åȤΥ��С��=��j�򤹤�ˤ�


��	��ʤ��Ȥ� 1 �Ĥξ��=�򥤥󥹥ȡ��뤷�Ƥ��ɬ�פ��ޤ��

��С��ޤ��ϥ��С��ޥ͡��㡼�˥��Preferences�ץ��֤򥯥�å��ޤ��

��Edit Listen Sockets�ץ�󥯤򥯥�å��ޤ��

�Խ��Ե��åȤΥ�󥯤򥯥�å��ޤ��

��Enabled�פ�j�򤷤ơ�λ��פ򥯥�å��顢��Server Certificate Name�ץɥ�åץ%��ꥹ�Ȥ��Ե��åȤΥ��С��=��j�򤷤ơ��λ��פ򥯥�å��ޤ��

�Ź沽��j��

Proxy Server �Υ��ƥ��ݸ��ˤϡ�SSL ��ͭ��ˤ��뤳�Ȥ򤪴��ᤷ�ޤ��SSL 2.0��SSL 3.0 �� TLS �Ź沽�ץ�ȥ��ͭ��ˤ��ơ��Ƽ�ΰŹ沽��åȤ�j�򤹤뤳�Ȥ��Ǥ��ޤ��С��Ե��åȤǡ�SSL �� TLS �ץ�ȥ��ͭ��ˤǤ��ޤ��С��ޥ͡��㡼��Ե��åȤ� SSL �� TLS ��ͭ��ˤ��ȡ��Υ��С��󥹥��󥹤��Ф��ơ��Υ��ƥ��ξܺ٤��ꤵ��ޤ��ʤ��Ȥ� 1 �Ĥξ��=�򥤥󥹥ȡ��뤷�Ƥ��ɬ�פ��ޤ��


��	�Ե��åȤǤ� SSL ͭ��ϡ��եץ?��Υ��ʥꥪ�ǤΤ�Ŭ�Ѥ��ޤ��ĤޤꡢProxy Server ��եץ?��¹Ԥ��褦��ꤵ��Ƥ��ΤߤȤʤ�ޤ��

�ǥե��Ȥ��Ǥϡ��Ǥ��Ū�˻��Ѥ��Ƥ��Ź沽��ѤǤ��ޤ��ΰŹ沽��Ѥ��ƤϤʤ�ʤ��ͳ��٤Ƥ�j�򤹤�褦�ˤ��ޤ��ΰŹ沽��ˤĤ��Ƥϡ��Introduction to SSL�פ򻲾Ȥ��Ƥ��$��

��TLS Rollback�פΡ��ǥե��Ȥǿ侩��ϡ�Enabled�פǤ��Enabled�פ��ꤹ��ȡ��ͤ��ߤ��С��?��Хå��򸡽Ф��褦�˥��С��ꤵ��ޤ��TLS ��ͤ�5��Ǥ��ʤ��Υ��饤��ȤȤ��߱��-��ݤ��뤿��ˡ��ͤ��Disabled�פ��ꤷ�ʤ��Фʤ�ʤ��礬��ޤ��

��TLS Rollback�פ�̵��ˤ��ȡ��̿��С��?��Хå��䤹��ʤ�Τ��դ��Ƥ��$��С��?��Хå��ϡ��軰�Ԥ��饤��Ȥ��ӥ��С�� SSL 2.0 �ʤɤθŤ��ƥ��ƥ��ݸǽ��㤤�ץ�ȥ��Ѥ��̿��Ԥ��褦�ˤ��ᥫ�˥��Ǥ��SSL 2.0 �ץ�ȥ��ˤϴ��Τ��ȼ�-��뤿�ᡢ�С��?��Хå��򸡽ФǤ��ʤ��硢�軰�Ԥˤ��Ź沽��줿�̿��˵��沽��ưפˤʤäƤ��ޤ��ޤ��

SSL �� TLS ��ͭ��ˤ��ˤ�

��С��ޤ��ϥ��С��ޥ͡��㡼�˥��Preferences�ץ��֤򥯥�å��ޤ��

��Edit Listen Sockets�ץ�󥯤򥯥�å��ơ��Խ��Ե��åȤΥ�󥯤򥯥�å��ޤ��ƥ��ݸ�줿�Ե��åȤξ�硢��ѤǤ��Ź沽��꤬ɽ��ޤ��



��	�Ե��åȤΥ��ƥ��ǽ��ͭ��ˤʤäƤ��ʤ��ϡ�SSL �� TLS �ξ��ϰ��ɽ��ޤ��󡣰Ź沽��Ѥ��ˤϡ�j�򤷤Ƥ��Ե��åȤǥ��ƥ��ǽ��ͭ��ˤʤäƤ��ɬ�פ��ޤ��ܺ٤ϡ��Ե��åȤΥ��ƥ��ͭ��򻲾Ȥ��Ƥ��$��

ɬ�פʰŹ沽��åȤ��б��e��å��ܥå��j�򤷤ơ��λ��פ򥯥�å��ޤ��



��	Netscape Navigator 6.0 �Ǥϡ�TLS �� SSL 3.0 ��ξ��j�򤷤ޤ��TLS Rollback�פξ��ˤ⡢TLS ��j�򤷤ơ�SSL 3.0 �� SSL 2.0 ��ξ��̵��ˤʤäƤ��뤳�Ȥ��ǧ��Ƥ��$��

��С�� SSL ��ͭ��ˤʤä��顢�� URL �ˤ� http �� https ��Ѥ��ޤ��SSL ͭ��С��Υɥ��Ȥ򼨤� URL �ν񼰤ϼ��ΤȤ��Ǥ��

�ǥե��ȤΥ��ƥ��ݸ�줿 HTTP �ݡ��ֹ� (443) ��Ѥ��ˤϡ�URL �˥ݡ��ֹ��Ϥ��ɬ�פϤ��ޤ��

��ƥ��Υ��?�Х��

SSL ��ͭ��ʥ��С��򥤥󥹥ȡ��뤹��ȡ��?�Х륻��ƥ��ѥ�᡼��λ��ᥨ��ȥ꤬��magnus.conf �ե�� (��С��Υᥤ��ե��) ��˺�.��ޤ��

SSL ��ե��ͤ��ꤹ��ˤ�

��С��ޥ͡��㡼��顢��С��󥹥��󥹤�j�򤷤ޤ��

��ꤹ��Ե��åȤǥ��ƥ��ͭ��ˤʤäƤ��뤳�Ȥ��ǧ��Ƥ��$��ܺ٤ϡ��Ե��åȤΥ��ƥ��ͭ��򻲾Ȥ��Ƥ��$��

magnus.conf �ե��ư��Խ��ͤ��Ϥ��ޤ��

SSLSessionTimeout

SSLCacheEntries

SSL3SessionTimeout

�� SSL ��ե��ˤĤ��ơ��$��ޤ��magnus.conf �ˤĤ��Ƥϡ��Proxy Server Configuration File Reference�٤򻲾Ȥ��Ƥ��$��

SSLSessionTimeout

SSLSessionTimeout ��ϡ�SSL 2.0 ��å��Υ��å��)�椷�ޤ��

��ʸ

�� seconds �ϡ��å��夵�줿 SSL ��å��̵��ˤʤ�ޤǤ��ÿ�Ǥ��ǥե��ͤ� 100 �Ǥ��SSLSessionTimeout ��᤬��ꤵ�줿��ˤϡ��ÿ��ͤϰ��Ū�� 5 �� 100 �äδ֤�)�¤��ޤ��

SSLCacheEntries

SSL3SessionTimeout

SSL3SessionTimeout ��ϡ�SSL 3.0 �� TLS ��å��Υ��å��)�椷�ޤ��

��ʸ

�� seconds �ϡ��å��夵�줿 SSL 3.0 ��å��̵��ˤʤ�ޤǤ��ÿ�Ǥ��ǥե��ͤ� 86400 (24 ��) �Ǥ��SSL3SessionTimeout ��᤬��ꤵ��Ƥ��硢��ÿ��ͤϰ��Ū�� 5 �� 86400 �ô֤�)�¤��ޤ��

��Ź沽�⥸�塼��λ��

Proxy Server �ϡ��ޡ��ȥ��ɤ�ȡ��󥰤ʤɤγ��ΰŹ沽�⥸�塼��Ȥ��ơ��ˡ�򥵥ݡ��Ȥ��Ƥ��ޤ��

FIPS-140 �Ź沽ɸ��ͭ��p�ˡ�PKCS #11 �⥸�塼��ɲä��Ƥ��ɬ�פ��ޤ��

PKCS #11 �⥸�塼��Υ��󥹥ȡ��

FIPS-140 ɸ��

PKCS #11 �⥸�塼��Υ��󥹥ȡ��

Proxy Server �ϡ�Public Key Cryptography Standard (PKCS) #11�򥵥ݡ��Ȥ��ޤ��ɸ��ϡ�SSL �� PKCS #11 �⥸�塼��֤��̿��˻��Ѥ��륤�󥿥ե��d��ޤ��PKCS #11 �⥸�塼��ϡ�SSL �ϡ��ɥ��졼��ؤ�ɸ��١��³�˻��Ѥ��ޤ��Υϡ��ɥ��졼��˥��ݡ��Ȥ��줿��=�ȸ��ϡ�secmod.db �ե��˳�Ǽ��ޤ��Υե��ϡ�PKCS #11 �⥸�塼��򥤥󥹥ȡ��뤷��Ȥ��8.��ޤ��Υե��ϡ�server_root/alias �ǥ��쥯�ȥ��֤��ޤ��

modutil �ˤ�� PKCS #11 �⥸�塼��Υ��󥹥ȡ��

PKCS #11 �⥸�塼��modutil �ġ��Ѥ�� .jar �ե��ޤ��ϥ��֥��ȥե��η|��ǥ��󥹥ȡ��Ǥ��ޤ��

modutil ��Ѥ�� PKCS #11 �⥸�塼��򥤥󥹥ȡ��뤹��ˤ�

��С��ޤह�٤ƤΥ��С��ߤ��Ƥ��뤳�Ȥ��ǧ��ޤ��

�ǡ��١��֤��Ƥ�� server_root/alias �ǥ��쥯�ȥ�˰�ư��ޤ��

PATH �� server_root/bin/proxy/admin/bin ��ɲä��ޤ��

server_root/bin/proxy/admin/bin �� modutil �򸫤Ĥ��ޤ��

�Ķ��ꤷ�ޤ��򼡤˼��ޤ��

UNIX �ξ��: setenv

LD_LIBRARY_PATH server_root/bin/proxy/lib:${LD_LIBRARY_PATH}

Windows �ξ��: PATH �˼��ɲä��ޤ�

LD_LIBRARY_PATH server_root/bin/proxy/bin

��Ѥ��Ƥ��륳��ԥ塼�� PATH �ϡ��ǳ�ǧ�Ǥ��ޤ��server_root/proxy-admserv/start

��Υ��ޥ�ɤ��Ϥ��ޤ�: modutil��ץ��ΰ��ɽ��ޤ��

ɬ�פ��Ԥ��ޤ��

��Ȥ��С�UNIX �� PCKS #11 �⥸�塼��ɲä��ˤϡ��Τ褦��Ϥ��ޤ��

modutil -add (PKCS#11 �ե��̾p) -libfile (PKCS #11 �Ѥ� libfile) -nocertdb -dbdir(db �ǥ��쥯�ȥ�)

pk12util �λ��

pk12util ��Ѥ��ơ��ǡ��١��=�ȸ��򥨥��ݡ��Ȥ��ꡢ��ޤ��ϳ�� PKCS #11 �⥸�塼��ˤ��򥤥�ݡ��Ȥ��ꤹ�뤳�Ȥ��Ǥ��ޤ��=�ȸ��ǡ��١��ˤ��ĤǤ⥨��ݡ��ȤǤ��ޤ��ۤȤ�ɤγ��ȡ��ǤϾ��=�ȸ��Υ��ݡ��Ȥϵ�Ĥ��ޤ��󡣥ǥե��ȤǤϡ�pk12util �ϡ�cert8.db �� key3.db �Ȥ��̾p�ξ��=�ȸ��ǡ��١��Ѥ��ޤ��

pk12util �ˤ�륨��ݡ��

��ǡ��١��=�ȸ��򥨥��ݡ��Ȥ��ˤ�

�ǡ��١��֤��Ƥ�� server_root/alias �ǥ��쥯�ȥ�˰�ư��ޤ��

PATH �� server_root/bin/proxy/admin/bin ��ɲä��ޤ��

server_root/bin/proxy/admin/bin �� pk12util �򸫤Ĥ��ޤ��

�Ķ��ꤷ�ޤ��򼡤˼��ޤ��

UNIX �ξ��: setenv

LD_LIBRARY_PATH/server_root/bin/proxy/lib:${LD_LIBRARY_PATH}

Windows �ξ��: PATH �˼��ɲä��ޤ�

LD_LIBRARY_PATH server_root/bin/proxy/bin

��Ѥ��Ƥ��륳��ԥ塼�� PATH �ϡ��ǳ�ǧ�Ǥ��ޤ��server_root/proxy-admserv/start

��Υ��ޥ�ɤ��Ϥ��ޤ�: pk12util��ץ��ΰ��ɽ��ޤ��

ɬ�פ��Ԥ��ޤ��

��Ȥ��С�UNIX �Ǥϼ��Τ褦��Ϥ��ޤ��

pk12util -o certpk12 -n Server-Cert [-d /server/alias] [-P https-test-host]

�ǡ��١��ѥ���ɤ��Ϥ��ޤ��

pkcs12 �ѥ���ɤ��Ϥ��ޤ��

pk12util �ˤ�륤��ݡ��

��ޤ��ϳ�� PKCS #11 �⥸�塼��˾��=�ȸ��򥤥�ݡ��Ȥ��ˤ�

�ǡ��١��֤��Ƥ�� server_root/alias �ǥ��쥯�ȥ�˰�ư��ޤ��

PATH �� server_root/bin/proxy/admin/bin ��ɲä��ޤ��

server_root/bin/proxy/admin/bin �� pk12util �򸫤Ĥ��ޤ��

�Ķ��ꤷ�ޤ��򼡤˼��ޤ��

UNIX �ξ��: setenv

LD_LIBRARY_PATH/server_root/bin/proxy/lib:${LD_LIBRARY_PATH}

Windows �ξ��: PATH �˼��ɲä��ޤ�

LD_LIBRARY_PATH server_root/bin/proxy/bin

��Ѥ��Ƥ��륳��ԥ塼�� PATH �ϡ��ǳ�ǧ�Ǥ��ޤ��server_root/proxy-admserv/start

��Υ��ޥ�ɤ��Ϥ��ޤ�: pk12util��ץ��ΰ��ɽ��ޤ��

ɬ�פ��Ԥ��ޤ��

��Ȥ��С�UNIX �Ǥϼ��Τ褦��Ϥ��ޤ��

pk12util -i pk12_sunspot [-d certdir][-h "nCipher"][-P https-jones.redplanet.com-jones-]

-P �� -h �Τ��Ȥˡ��Ǹ�ΰ��Ȥ��ƻ��Ѥ��ޤ��

��䵭��ʸ��ȶ��ʸ��ޤࡢ5�Τʥȡ��̾��Ϥ��ޤ��

�ǡ��١��ѥ���ɤ��Ϥ��ޤ��

pkcs12 �ѥ���ɤ��Ϥ��ޤ��

��=��Ѥ��С��ε�ư

�� PKCS #11 �⥸�塼�� (��Ȥ��С��ϡ��ɥ��졼��ʤ�) �˥��С��ξ��=�򥤥󥹥ȡ��뤹��ˤϡ�server.xml ��Խ��뤫��ޤ��ϼ��˽Ҥ٤�褦�ˡ��=�̾��ꤹ��ޤǡ��С��Ϥ��ξ��=�λ��Ѥ򳫻ϤǤ��ޤ��

��С��Ͼ�ˡ�Server-Cert �Ȥ��̾p�ξ��=��Ѥ��Ƶ�ư��褦�Ȥ��ޤ�� PKCS #11 �⥸�塼��ξ��=�ˤϡ��̻��˥⥸�塼��Υȡ��̾�Τ��d� 1 �Ĥ��ޤޤ�Ƥ��ޤ��Ȥ��С�smartcard0 �ȸƤФ�볰��ޡ��ȥ��ɥ꡼�!��˥��󥹥ȡ��뤵��Ƥ��륵��С��=��̾p��smartcard0:Server-Cert �Ȥʤ�ʤɤǤ��

��⥸�塼��˥��󥹥ȡ��뤵��Ƥ��=��Ѥ��ƥ��С��ư��ˤϡ��ư��Ե��åȤξ��=�̾��ꤹ��ɬ�פ��ޤ��

�Ե��åȤξ��=�̾��j��

�Ե��åȤξ��=��j�򤹤�ˤ�

�Ե��åȤΥ��ƥ��ǽ��ͭ��ˤʤäƤ��ʤ��ϡ��=��ɽ��ޤ��Ե��åȤξ��=�̾��j�򤹤�ˤϡ��ޤ��Ե��åȤǥ��ƥ��ǽ��ͭ��ˤʤäƤ��뤳�Ȥ��ǧ��ɬ�פ��ޤ��ܺ٤ϡ��Ե��åȤΥ��ƥ��ͭ��򻲾Ȥ��Ƥ��$��

��С��ޤ��ϥ��С��ޥ͡��㡼�˥��Preferences�ץ��֤򥯥�å��ޤ��

��Edit Listen Sockets�ץ�󥯤򥯥�å��ޤ��

��=�ȴ�Ϣ�դ��Ե��åȤΥ�󥯤򥯥�å��ޤ��

��Server Certificate Name�ץɥ�åץ%��ꥹ�Ȥ��Ե��åȤΥ��С��=��j�򤷤ơ��λ��פ򥯥�å��ޤ��Υꥹ�Ȥˤϡ��󥹥ȡ��뤵��Ƥ��뤹�٤Ƥ��ӳ��ξ��=񤬵��ܤ��Ƥ��ޤ��

��ư�� server.xml �ե��Խ��뤳�Ȥˤ�ꡢ��ˤ��Υ��С��=��Ѥ��Ƶ�ư��뤳�Ȥ򥵡��С��˻ؼ��뤳�Ȥ�Ǥ��ޤ��SSLPARAMS �� servercertnickname °-�򼡤Τ褦��ѹ��ޤ��

$TOKENNAME �˻��Ѥ��ͤ��Τ�ˤϡ��С��Ρ�Security�ץ��֤˰�ư��ơ��Manage Certificates�ץ�󥯤�j�򤷤ޤ��Server-Cert �γ�Ǽ��Ƥ��볰��⥸�塼��˥?��󤹤�ȡ�$TOKENNAME:$NICKNAME �ե��Υꥹ�Ȥˤ��ξ��=�ɽ��ޤ��



��	��ǡ��١��.��Ƥ��ʤ��ˤϡ�� PKCS #11 �⥸�塼��ξ��=��׵᤹�뤫�ޤ��ϥ��󥹥ȡ��뤹��ȡ��ǡ��١�� 1 �ĺ�.��ޤ��.��ǥե��ȤΥǡ��١��ˤϡ��ѥ���ɤ��ʤ��ᥢ��Ǥ��ޤ��󡣳��⥸�塼��ư��ޤ��С��=��׵ᤷ�ƥ��󥹥ȡ��뤹�뤳�ȤϤǤ��ޤ��󡣥ѥ���ɤΤʤ��ǥե��ȤΥǡ��١��.��줿��ˤϡ��Security�ץ��֤Ρ�Create Database�ץڡ��Ѥ��ƥѥ���ɤ��ꤷ�Ƥ��$��

FIPS-140 ɸ��

PKCS #11 API ��Ѥ��С��Ź沽��¹Ԥ��륽�եȥ��ޤ��ϥϡ��ɥ��⥸�塼��Ȥ��̿��ǽ�Ǥ��PKCS #11 �� Proxy Server �˥��󥹥ȡ��뤹��ȡ�FIPS-140 (FIPS �� Federal Information Processing Standards ��ά) �˽�򤹤�褦��Proxy Server ��Ǥ��ޤ��Υ饤�֥��ϡ�SSL 3.0 �ˤΤߴޤޤ�Ƥ��ޤ��

FIPS-140 ��ͭ��ˤ��ˤ�

FIPS-140 �λؼ��˽��äƥץ饰��򥤥󥹥ȡ��뤷�ޤ��

��С��ޤ��ϥ��С��ޥ͡��㡼�˥��Preferences�ץ��֤򥯥�å��ޤ��

��Edit Listen Sockets�ץ�󥯤򥯥�å��ޤ��Ե��åȤ��ƥ��ݸ��Ƥ��ϡ��Edit Listen Sockets�ץڡ��˻��Ѳ�ǽ�ʥ��ƥ��꤬ɽ��ޤ��



��	FIPS-140 ��Ѥ��ˤϡ�j�򤷤Ƥ��Ե��åȤǥ��ƥ��ͭ��ˤʤäƤ��ɬ�פ��ޤ��ܺ٤ϡ��Ե��åȤΥ��ƥ��ͭ��򻲾Ȥ��Ƥ��$��

��Enabled�פ�j�򤵤�Ƥ��ʤ��ϡ��SSL Version 3�ץɥ�åץ%��ꥹ�Ȥ��j�򤷤ޤ��

��Τ��a�Ŭ�ڤ� FIPS-140 �Ź沽��Υ��åȤ�j�򤷤ơ��λ��פ򥯥�å��ޤ��

Enable Triple DES with 168 bit encryption and SHA authentication (FIPS)

Enable DES with 56 bit encryption and SHA authentication (FIPS)

��饤��ȥ��ƥ��׷��

��С��򥻥��ƥ��ݸ�뤿��Τ��٤Ƥμ�礬��λ��ȡ��饤��Ȥ˴ؤ��뤽��¾�Υ��ƥ��׷��Ǥ��ޤ��

��饤��ǧ�ڤϡ�SSL ��³��ɬ�ܤǤϤ��ޤ��󤬡��Ѥ��ȡ��Ź沽��줿��󤬤��˳μ¤�Ŭ�ڤ��ޤ��饤��ǧ�ڤ�եץ?��ǻ��Ѥ��ơ��ƥ�ĥ��С��ǧ��Ƥ��ʤ��ץ?��䥯�饤��ȤȾ��ͭ��ʤ��褦�ˤ��뤳�Ȥ��Ǥ��ޤ��

��饤��ǧ�ڤ��׵�

�եץ?��ǤΥ��饤��ǧ��

�եץ?��ǤΥ��饤��ǧ�ڤ��

LDAP �ؤΥ��饤��Ⱦ��=�Υޥåԥ�

certmap.conf �ե��λ��

��饤��ǧ�ڤ��׵�

��С��ȳƥ��С��󥹥��󥹤��Ե��åȤ��饤��ǧ�ڤ��׵�Ǥ��褦�ˤʤ�ޤ��饤��ǧ�ڤ�ͭ��ˤ��ȡ��꡼��Ф��ƥ��С��p�ˡ��饤��Ȥξ��=�ɬ�פȤʤ�ޤ��

Proxy Server �ϡ��饤��Ⱦ��=�˴ޤޤ�� CA �ȡ��̾�Ѥߥ��饤��Ⱦ��=�ο��ꤵ�줿 CA ��ȹ礹�뤳�Ȥˤ�äƥ��饤��Ⱦ��=��ǧ�ڤ򥵥ݡ��Ȥ��ޤ��Security�ץ��֤ˤ��Manage Certificates�ץڡ��ǡ��̾�Ѥߥ��饤��Ⱦ��=�ο��ꤵ�줿 CA �Υꥹ�Ȥ�ɽ��Ǥ��ޤ��

��ꤵ�줿 CA ��Υ��饤��Ⱦ��=��äƤ��ʤ��饤��Ȥ��ݤ��褦�� Proxy Server ��Ǥ��ޤ��ꤵ�줿 CA ��졢�ޤ��ϵ��ݤ��ˤϡ�� CA �ˤĤ��ƥ��饤��Ȥο��ꤹ��ɬ�פ��ޤ��ܺ٤ϡ��־��=�δ��򻲾Ȥ��Ƥ��$��

Proxy Server �ϡ��顼�ε�Ͽ��=�ε��ݡ��Ӿ��=񤬴��ڤ�ξ��ˤϥ��饤��Ȥ��Ф��ƥ�å��Ԥ��ޤ��ޤ��Manage Certificates�ץڡ��ǡ�ͭ��ڤ�ξ��=��ɽ��Ǥ��ޤ��

��饤��Ȥξ��=񤫤�� LDAP �ǥ��쥯�ȥ��Υ桼��ȥ�Ⱦȹ礹��褦�˥��С��Ǥ��ޤ��Τ褦�ˤ��ȡ��μ¤� LDAP �ǥ��쥯�ȥ��ͭ��ʾ��=�ȥ��ȥ�򥯥饤��Ȥ��Ĥ褦�ˤǤ��ޤ��ޤ��饤��Ⱦ��=� LDAP �ǥ��쥯�ȥ��ξ��=�ȳμ¤˰��פ��褦�ˤǤ��ޤ��¹Ԥ��ˡ�ˤĤ��Ƥϡ��LDAP �ؤΥ��饤��Ⱦ��=�Υޥåԥ󥰡��򻲾Ȥ��Ƥ��$��

��=�Τ��桼��ϡ��ꤵ�줿 CA �$��Ǥʤ��)��ε�§ (Access Control Rule��ACL) �Ȥ��פ��ʤ��Фʤ�ʤ��褦�ˡ��饤��Ⱦ��=�򥢥��)��Ȥ߹�碌�뤳�Ȥ��Ǥ��ޤ��ܺ٤ϡ��֥��)��ե��λ��ѡ��򻲾Ȥ��Ƥ��$��

��饤��Ȥ�ǧ�ڤ��׵᤹��ˤ�

��С��ޤ��ϥ��С��ޥ͡��㡼�˥��Preferences�ץ��֤򥯥�å��ޤ��

��Edit Listen Sockets�ץ�󥯤򥯥�å��ޤ��

��饤��ǧ�ڤ��׵ᤷ�Ƥ��Ե��åȤΥ�󥯤򥯥�å��ޤ��

��Client Authentication�ץɥ�åץ%��ꥹ�Ȥ��Ѥ��Ե��åȤΥ��饤��ǧ�ڤ��׵ᤷ�ơ��λ��פ򥯥�å��ޤ��

�եץ?��ǤΥ��饤��ǧ��

�եץ?��Ǥϡ��Τ��줫�Υ��ʥꥪ�˱��ơ��饤��ǧ�ڤ��Ǥ��ޤ��

�֥ץ?��饤��Ȥ�ǧ�ڡ�: ��Υ��ʥꥪ�Ǥϡ��ǽ�ʾ��=��ĥ��饤��Ȥ��٤Ƥ˥��Ĥ��뤫��ޤ��ϼ��ǽ�ʾ��=񤬤��ꡢ�� Proxy Server �Υ��)��ꥹ�Ⱦ��ǧ��줿�桼��Ǥ��륯�饤��Ȥ$��˥��Ĥ��뤳�Ȥ��Ǥ��ޤ��

�֥��ƥ�ĥ��С��ץ?��ǧ�ڡ�: ��Υ��ʥꥪ�Ǥϡ��ƥ�ĥ��С�� Proxy Server �˼ºݤ��³��Ƥ��ơ��¾�Υ��С��ˤ��³��Ƥ��ʤ��Ȥ��ǧ��뤳�Ȥ��Ǥ��ޤ��

�֥ץ?��饤��Ȥ�ǧ�ڡ��ĥ��ƥ�ĥ��С��ץ?��ǧ�ڡ�: ��Υ��ʥꥪ�Ǥϡ��եץ?��ǤΥ��ƥ��ǧ�ڤ��¤ˤ��ޤ��

�եץ?��ǤΥ��饤��ǧ�ڤ��

��ƥ��ݸ�줿�եץ?��ǥ��饤��ǧ�ڤ�¹Ԥ��ȡ��³�Υ��ƥ��-��ݾڤ��ޤ��μ��Ǥϡ��桼��j�򤹤륷�ʥꥪ�˱��饤��ǧ�ڤ��ˡ�ˤĤ��$��ޤ��

�ץ?��饤��Ȥ�ǧ��

�֥ץ?��饤��Ȥ�ǧ�ڡץ��ʥꥪ��ꤹ��ˤ�


��	�ƥ��ʥꥪ�Ǥϡ��ƥ��ݸ�줿��饤�� - �ץ?��³�ȡ��ƥ��ݸ�줿�ץ?�� - ��ƥ�ĥ��С��³��ξ��ʤ��Ƥ��뤳�Ȥ�p��Ȥ��Ƥ��ޤ��

�ֵեץ?��λ��ѡ��Ρֵեץ?��פǤλؼ��˽��äơ��ƥ��ݸ�줿��饤�� - �ץ?��ȡ��ƥ��ݸ�줿�ץ?�� - ��ƥ�ĥ��С��Υ��ʥꥪ��ꤷ�ޤ��

��С��ޥ͡��㡼�˥��ƥ��С��󥹥��󥹤�j�򤷡��Preferences�ץ��֤򥯥�å��ޤ��

��Edit Listen Sockets�ץ�󥯤򥯥�å��ơ�ɽ��ɽ��ˤ��Ū��Ե��åȤΥ�󥯤򥯥�å��ޤ��Add Listen Socket�ץ�󥯤��Ѥ��ơ��Ե��åȤ��ꤪ��ɲä��ޤ��

��Τ褦�ˤ��ơ��饤��ǧ��׷��ꤷ�ޤ��

ͭ��ʾ��=��Ĥ��٤ƤΥ桼��˥��Ĥ��ˤϡ��μ��˽��ޤ��

��Security�ץ��ǡ��Client Authentication��Ѥ��ơ��Ե��åȤΥ��饤��ǧ�ڤ��׵ᤷ�ޤ��С��=񤬥��󥹥ȡ��뤵��Ƥ��ʤ��ϡ��ɽ��ޤ��

ξ��ͭ��ʾ��=��a��)��Ǽ��ǽ�ʥ桼��Ȥ��ƻ��ꤵ��Ƥ��桼��$��˥��Ĥ��ˤϡ��μ��˽��ޤ��

��Security�ץ��ǡ��Client Authentication��򥪥դΤޤޤˤ��ޤ��С��=񤬥��󥹥ȡ��뤵��Ƥ��ʤ��ϡ��ɽ��ޤ��

��Υ��С��󥹥��󥹤Υ��С��ޥ͡��㡼�Ρ�Preferences�ץ��֤ǡ��Administer Access Control�ץ�󥯤򥯥�å��ޤ��

ACL ��j�򤷡��Edit�ץܥ��򥯥�å��ޤ��Access Control Rules For�ץڡ��ɽ��ޤ��ץ��ץȤ�ɽ��줿��ϡ��ǧ�ڤ�ԤäƤ��$��

��)��ͭ��ˤ��ޤ��Access control Is On�ץe��å��ܥå��j�򤵤�Ƥ��ʤ��j�򤷤ޤ��

Proxy Server ��եץ?��Ȥ��ǧ�ڤ��褦��ꤷ�ޤ��ܺ٤ϡ��ֵեץ?��򻲾Ȥ��Ƥ��$��

��˾��륢��)��롼��Ρ�Rights�ץ�󥯤򥯥�å��ơ��Υե졼��ǥ��ꤷ��Update�פ򥯥�å��Ƥ��Υ��ȥ�򹹿��ޤ��

��Users/Groups�ץ�󥯤򥯥�å��ޤ��Υե졼��ǥ桼��ȥ��롼�פ��ꤷ��ǧ��ˡ�Ȥ�� SSL ��j�򤷡��Update�פ򥯥�å��Ƥ��Υ��ȥ�򹹿��ޤ��

��Υե졼��ǡ�Submit�פ򥯥�å��ơ��ȥ��¸��ޤ��

��)��ˤĤ��Ƥϡ��֥��С��ؤΥ��)��򻲾Ȥ��Ƥ��$��

��ƥ�ĥ��С��ץ?��ǧ��

�֥��ƥ�ĥ��С��ץ?��ǧ�ڡץ��ʥꥪ��ꤹ��ˤ�

�ֵեץ?��λؼ��˽��äơ��ƥ��ݸ�줿��饤�� - �ץ?��ȡ��ƥ��ݸ�줿�ץ?�� - ��ƥ�ĥ��С��Υ��ʥꥪ��ꤷ�ޤ��

��ƥ�ĥ��С��ǡ��饤��ǧ�ڤ�ͭ��ˤ��ޤ��



��	��Υ��ʥꥪ��ѹ��ơ�Proxy Server ��Ф��Ƥϥ��ƥ��ݸ��Ƥ��ʤ��饤��³��ƥ�ĥ��С��Ф��Ƥϥ��ƥ��ݸ�줿��³��ꤷ��ĥ��ƥ�ĥ��С�� Proxy Server ��ǧ�ڤ��褦�ˤ��뤳�Ȥ��Ǥ��ޤ��Ԥ��ˤϡ��μ��$��Ƥ��褦�ˡ��Ź沽��̵��ˤ��ơ��ץ?��˾��=�Τߤν��ؼ��ɬ�פ��ޤ��

�ץ?��饤��Ȥ�ǧ�ڡ��ĥ��ƥ�ĥ��С��ץ?��ǧ��

�֥ץ?��饤��Ȥ�ǧ�ڡ��ĥ��ƥ�ĥ��С��ץ?��ǧ�ڡץ��ʥꥪ��ꤹ��ˤ�

�֥ץ?��饤��Ȥ�ǧ�ڡ��Ǥλؼ��˽��äơ��֥ץ?��饤��Ȥ�ǧ�ڡץ��ʥꥪ��ꤷ�ޤ��

��ƥ�ĥ��С��ǡ��饤��ǧ�ڤ�ͭ��ˤ��ޤ��

LDAP �ؤΥ��饤��Ⱦ��=�Υޥåԥ�

��Ǥϡ�Proxy Server ��饤��Ⱦ��=�� LDAP �ǥ��쥯�ȥ��Υ��ȥ�˥ޥåפ��뤿��˻��Ѥ��ץ?��ˤĤ��$��ޤ��

��С��饤��Ȥ��׵��ȡ��ʤ��p�˥��饤��Ȥξ��=��ޤ��Υ��饤��Ȥϡ��׵�Ȱ��˥��饤��Ⱦ��=�򥵡��С��ޤ��

��С��ϡ��С��ο��ꤵ�줿 CA �ꥹ�ȤȤ��ξ��=��ȯ�Ը��Ǥ�� CA ��ȹ礷�ޤ��פ��ʤ��硢Proxy Server ��³��λ��ޤ��פ��硢��С��׵�ν��³�Ԥ��ޤ��

��=񤬿��ꤵ�줿 CA ��Τ�ΤǤ��뤳�Ȥ��ǧ��ȡ��С��ϡ��ˡ�� LDAP ��ȥ�ˤ��ξ��=��ޥåפ��ޤ��


��	LDAP �˥��饤��Ⱦ��=��ޥåԥ󥰤��p�ˡ�ɬ�פ� ACL ��ꤷ�Ƥ��ɬ�פ��ޤ��ܺ٤ϡ��֥��С��ؤΥ��)��򻲾Ȥ��Ƥ��$��

��饤��Ⱦ��=��ȯ�ԼԤȥ��֥�� DN �� LDAP �ǥ��쥯�ȥ��ʬ��$˥ޥåפ��ޤ��

��饤��Ⱦ��=�Υ��֥�� (��ɥ桼��) �˴ؤ��Ȱ��פ��륨��ȥ꤬�ʤ�� LDAP �ǥ��쥯�ȥ�򸡺�ޤ��

(��ץ��) DN ��б�� LDAP ��ȥ��Υ��饤��Ⱦ��=�Ȥ��Υ��饤��Ⱦ��=�򸡾ڤ��ޤ��

��С��ϡ�certmap.conf �ȸƤФ��=�ޥåԥ󥰥ե��Ѥ�� LDAP ��μ¹��ˡ��ꤷ�ޤ��Υޥåԥ󥰥ե��ϡ��饤��Ⱦ��=񤫤��$�� (��ɥ桼��̾��Żҥ᡼�륢�ɥ쥹�ʤ�) �򥵡��С��˻ؼ��ޤ��С��ϡ��ͤ��Ѥ�� LDAP �ǥ��쥯�ȥ��˥桼��ȥ꤬�ʤ��ޤ��Ϥ��ˡ�LDAP �ǥ��쥯�ȥ��Τɤ��鸡��򳫻Ϥ��뤫��ꤹ��ɬ�פ��ޤ��=�ޥåԥ󥰥ե��ϡ��Ϥ��⥵��С��˻ؼ��ޤ��

��С��ˡ��򳫻Ϥ��ꤪ��Ӹ��Ƥ��Τ�� (�嵭�κǽ�ι��)��LDAP �ǥ��쥯�ȥ��Ǹ��¹Ԥ��ޤ� (2 ��ܤι��)��פ��륨��ȥ꤬�ʤ��ޤ��ϰ��פ��륨��ȥ꤬��äƤ�ޥåԥ󥰤��=�򸡾ڤ��褦��ꤵ��Ƥ��ʤ��硢��ϼ��Ԥ��ޤ��

��ɽ�ϡ�ͽ��븡��̤�ư��򼨤��Ƥ��ޤ��ͽ��ư��ϡ�ACL �ǻ��Ǥ��ޤ��Ȥ��С��=�ξȹ�˼��Ԥ��硢��ʬ�$�� Proxy Server �˼��褦�˻��Ǥ��ޤ��ACL �ξܺ��ˤĤ��Ƥϡ��֥��)��ե��λ��ѡ��򻲾Ȥ��Ƥ��$��

ɽ 5-1 LDAP ��
LDAP ��	��=�θ��ڤ��	��=�θ��ڤ��
��Ф��줿��ȥ�ʤ�	ǧ�ڼ��	ǧ�ڼ��
��Ф��줿��ȥ꤬ 1 �ĤΤ�	ǧ�ڼ��	ǧ��.��
��Ф��줿��ȥ꤬ʣ��	ǧ�ڼ��	ǧ�ڼ��

��С�� LDAP �ǥ��쥯�ȥ��ǰ��פ��륨��ȥ�Ⱦ��=�򸡽Ф��ȡ��ξ��Ѥ��ƥȥ�󥶥��Ǥ��ޤ��Ȥ��С��Υ��С��Ǥϡ��С��ؤΥ��Ƚ�Ǥ��Τ˾��=� - LDAP �֥ޥåפ��Ѥ��ޤ��

certmap.conf �ե��λ��

��=�Υޥåԥ󥰤ϡ�LDAP �ǥ��쥯�ȥ��Υ桼��ȥ�򥵡��С��ɤΤ褦�˸��뤫��ꤷ�ޤ��certmap.conf ��Ѥ��ơ�̾p�ǻ��ꤵ�줿��=�� LDAP ��ȥ�˥ޥåפ��ˡ��Ǥ��ޤ��Υե��Խ��LDAP �ǥ��쥯�ȥ��ȿ��Ⱦȹ礵��褦�˥��ȥ��ɲä��桼��˻��=�Υꥹ�Ȥ�ɽ��褦�ˤ��ޤ��subjectDN ��ǻ��Ѥ��Ƥ��桼�� ID��Żҥ᡼�롢�ޤ��Ϥ��¾��ͤ˴�Ť��ƥ桼��ǧ�ڤ��뤳�Ȥ��Ǥ��ޤ��äˡ��ޥåԥ󥰥ե��Ǥϡ��ξ��d��ޤ��

LDAP �ĥ꡼��ǥ��С��򳫻Ϥ��

LDAP �ǥ��쥯�ȥ��Υ��ȥ�򸡺��Ȥ��˥��С��Ȥ��ƻ��Ѥ��=��°-

��С��ɲäθ��ڥץ?��»ܤ��뤫�ɤ��

��Υե��ˤϡ��줾�줬�ۤʤ� CA ��Ŭ�Ѥ��롢1 �İʾ��̾p�դ��ޥåԥ󥰤��ޤޤ�Ƥ��ޤ��ޥåԥ󥰤ι�ʸ�ϡ��ΤȤ��Ǥ��

�ǽ�ιԤˤϥ��ȥ��̾p�ȡ�CA ��=��˵��ܤ��Ƥ��뼱��̾��ꤹ��°-��ꤷ�ޤ��name ��Ǥ�դǤ��̾p��dǤ��ޤ��$��issuerDN �ϡ��Υ��饤��Ⱦ��=��ȯ�Ԥ�� CA ��ȯ�Լ� DN �ȴ�t�˰��פ��Ƥ��ɬ�פ��ޤ��Ȥ��С�� 2 �Ĥ� issuerDN �Ԥϡ�°-�֤˶��ʸ��뤫�ɤ��Ȥ��$��ۤʤ�$��Ǥ��С��ϡ�� 2 �ĤΥ��ȥ��̤Τ�ΤȤ��ư��ޤ��

certmap sun1 ou=Sun Certificate Authority,o=Sun,c=US
certmap sun2 ou=Sun Certificate Authority, o=Sun, c=US


�ҥ��	Sun Java System Directory Server ��Ѥ��Ƥ��Ȥ�� issuerDN �ξȹ��꤬��ä��ϡ�Directory Server �Υ��顼�?��Ĵ�٤�ͭ�Ѥʾ��õ��ޤ��

̾p�դ��ޥåԥ󥰤� 2 ��ܰʹߤιԤϡ��ץ�ѥƥ��ͤȾȹ礵��ޤ��certmap.conf �ե��ˤϡ��˼�� 6 �ĤΥǥե��ȤΥץ�ѥƥ��ޤ��=� API ��Ѥ��ȡ��桼��ȼ��Υץ�ѥƥ��򥫥��ޥ��Ǥ��ޤ��

DNComps �ϥ��ޤǶ��ڤä�°-�Υꥹ�Ȥǡ��桼��ξ�� (�Ĥޤꥯ�饤��Ⱦ��=�ν�ͭ��) �Ȱ��פ��륨��ȥ�θ��򡢥��С�� LDAP �ǥ��쥯�ȥ��Τɤ��鳫�Ϥ��뤫��Ƚ�Ǥ��뤿��˻��Ѥ��ޤ��С��ϡ��饤��Ⱦ��=񤫤餳��°-��ͤ��LDAP DN ��ꤹ�뤿��ˤ��ͤ��Ѥ��ޤ��줬��LDAP �ǥ��쥯�ȥ��ǥ��С��򳫻Ϥ��ꤷ�ޤ��Ȥ��С�DN �� o °-�� c °-��Ѥ��褦 DNComps ��ꤷ��硢��С��ϡ�LDAP �ǥ��쥯�ȥ�� o=org�� c= country ��ȥ꤫�鸡��򳫻Ϥ��ޤ�� org �� country �ϡ��=�� DN �˵��ܤ��Ƥ��ͤ��֤��ޤ��

FilterComps �ϡ��ޤǶ��ڤä�°-�Υꥹ�Ȥǡ��饤��Ⱦ��=��Υ桼�� DN ��ƥե��륿��.��뤿��˻��Ѥ��ޤ��С��ϡ��°-��ͤ��Ѥ��ơ�LDAP �ǥ��쥯�ȥ��ǥ��ȥ��ȹ礹�뤿��˻��Ѥ��븡��.��ޤ��С�� LDAP �ǥ��쥯�ȥ��ǡ��=񤫤��桼��˰��פ�� 1 �Ĥޤ��ʣ��Υ��ȥ�򸡽Ф��硢��.��ץ��ǥ��С��ڤ�Ԥ��ޤ��

��Ȥ��С��Żҥ᡼��°-�ȥ桼�� ID °-��Ѥ��褦 FilterComps ��ꤹ�� (FilterComps=e,uid)��С��ϡ��Żҥ᡼��ȥ桼�� ID ��ͤ��饤��Ⱦ��=񤫤��ɥ桼��ξ��Ȱ��פ��륨��ȥ��ǥ��쥯�ȥ꤫�鸡��ޤ��Żҥ᡼�륢�ɥ쥹�ȥ桼�� ID �ϡ��̾�ǥ��쥯�ȥ��ǰ�դΥ��ȥ�Ǥ��뤿�ᡢ�ե��륿�Ȥ��Ŭ�ڤǤ��ե��륿�ϡ�LDAP �ǡ��١�� 1 �Ĥ$��Υ��ȥ�Ȱ��פ��褦��ͭ�Τ�ΤǤ��ɬ�פ��ޤ��

�ե��륿�Τ��°-̾�ϡ�LDAP �ǥ��쥯�ȥ�ǤϤʤ��=񤫤��$��°-̾�Ǥ��ɬ�פ��ޤ��Ȥ��С��ξ��=�ˤϥ桼��Żҥ᡼�륢�ɥ쥹�� e °-��ޤ��LDAP �Ǥϡ��°-�� mail �ȸƤ�Ǥ��ޤ��

��ɽ�ϡ�x509v3 ��=��°-�򼨤��Ƥ��ޤ��

ɽ 5-2 x509v3 ��=��°-
°-	��
c	��
o	�ȿ�
cn	��̾
l	��
st	��
ou	�ȿ�ñ��
uid	UNIX/Linux �桼�� ID
email	E-mail address

verifycert �ϡ�LDAP ��ˤ��=�ȥ��饤��Ȥξ��=��Ӥ��뤫�ɤ��򥵡��С��˻ؼ��ޤ��ϡ��on�פޤ��ϡ�off�פ� 2 �Ĥ��ͤΤ��줫��ޤ��$��Υץ�ѥƥ��ϡ�LDAP �ǥ��쥯�ȥ�˾��=񤬤��Ȥ��$��Ѥ��Ƥ��$��ε�ǽ�ϡ��ɥ桼��ͭ��ʡ��ä��Ƥ��ʤ��=��μ¤˽�ͭ�Ǥ��褦�ˤ��Τ��Ǥ��

CmapLdapAttr �ϡ�LDAP �ǥ��쥯�ȥ��°-��̾p�ǡ��оݤΥ桼��°��Ƥ��뤹�٤Ƥξ��=�˵��ܤ��Ƥ��륵�֥�� DN ��ޤޤ�Ƥ��ޤ��Υץ�ѥƥ��Υǥե��Ȥϡ�certSubjectDN �Ǥ��°-��ɸ�� LDAP °-�ǤϤʤ��ᡢ��Υץ�ѥƥ��Ѥ��ˤϡ�LDAP ��ޤ��ĥ��ɬ�פ��ޤ��ܺ٤ϡ��Introduction to SSL�פ򻲾Ȥ��Ƥ��$��

��Υץ�ѥƥ�� certmap.conf �ե��¸�ߤ��硢��С��ϡ��Υץ�ѥƥ��̾p��դ��°-��=񤫤��$��줿��֥��Ȥδ�t�� DN �˰��פ��Ƥ��륨��ȥ�� LDAP �ǥ��쥯�ȥ�t�Τ��鸡��ޤ��ȥ꤬��Ф��ʤ��ä��硢��С�� DNComps �ޥåԥ󥰤� FilterComps �ޥåԥ󥰤��Ѥ��ơ��ƻ�Ԥ��ޤ��

LDAP ��ȥ�Ⱦ��=��ȹ礹�뤿��Τ��ˡ�ϡ�DNComps �� FilterComps ��Ѥ��ƥ��ȥ��ȹ礹�뤳�Ȥ��񤷤��Ǥ��

Library �ϡ��ͤ��ѥ饤�֥��ޤ�� DLL �ؤΥѥ�̾�Ǥ��ץ�ѥƥ��Ǥ��=� API ��Ѥ��ȼ��Υץ�ѥƥ��.��Τߡ��Υץ�ѥƥ��Ѥ��Ƥ��$��

InitFn �ϡ��ͤ��饤�֥�� init �ؿ��̾p�Ǥ��ץ�ѥƥ��Ǥ��=� API ��Ѥ��ȼ��Υץ�ѥƥ��.��Τߡ��Υץ�ѥƥ��Ѥ��Ƥ��$��

��Υץ�ѥƥ��ˤĤ��Ƥϡ��֥ޥåԥ��˵��ܤ��Ƥ��򻲾Ȥ��Ƥ��$��

��ץ�ѥƥ��κ�.

��饤��Ⱦ��=� API ��Ѥ��ơ��ȼ��Υץ�ѥƥ��.�Ǥ��ޤ��ޥåԥ󥰤�Ԥä��顢��Τ褦�˥ޥåԥ󥰤򻲾Ȥ��ޤ��

certmap default1 o=Sun Microsystems, c=US
default1:library /usr/sun/userdb/plugin.so
default1:InitFn plugin_init_fn
default1:DNComps ou o c
default1:FilterComps l
default1:verifycert on

�ޥåԥ��

certmap.conf �ե��ˤϡ��ʤ��Ȥ� 1 �ĤΥ��ȥ꤬ɬ�פǤ��Ǥϡ�certmap.conf �ե��ѤǤ��뤤��Ĥ��ˡ�򼨤��Ƥ��ޤ��

�� 1

��ϡ��ǥե��ȤΥޥåԥ󥰤� 1 �Ĥ$�� certmap.conf �ե��ɽ��Ƥ��ޤ��

certmap default default
default:DNComps ou, o, c
default:FilterComps e, uid
default:verifycert on

��ǥ��С��ϡ�ou=orgunit��o=org��c=country ��ȥ��Ǽ��Ƥ�� LDAP ʬ��$��鸡��򳫻Ϥ��ޤ��Ǽ��ΤΥƥ��Ȥϡ��饤��Ⱦ��=��Υ��֥�� DN �˵��ܤ��Ƥ��ͤ��֤��ޤ��

��ˡ��С��=�˵��ܤ��Ƥ��Żҥ᡼�륢�ɥ쥹�ȥ桼�� ID ��ͤ��Ѥ��ơ�LDAP �ǥ��쥯�ȥ��ǰ��פ��륨��ȥ�򸡺�ޤ��ȥ꤬��Ф��ȡ��С��ϡ��饤��Ȥˤ��줿��ȥ��ǥ��쥯�ȥ��˳�Ǽ��Ƥ��륨��ȥ��Ӥ��ơ��=�򸡾ڤ��ޤ��

�� 2

��Υե��ˤϡ�2 �ĤΥޥåԥ󥰤��Ҥ��Ƥ��ޤ��1 �Ĥϥǥե��Ѥǡ��⤦ 1 �Ĥ� US Postal Service �ѤǤ��

certmap usps ou=United States Postal Service, o=usps, c=US
usps:DNComps ou,o,c
usps:FilterComps e
usps:verifycert on

��С�� US Postal Service �ʳ��=��$��硢��С��ϥǥե��ȤΥޥåԥ󥰤��Ѥ��ޤ��ϡ�LDAP �ĥ꡼�κǾ��顢��饤��Ȥ��Żҥ᡼��ȥ桼�� ID �˰��פ��륨��ȥ�θ��򳫻Ϥ��ޤ��=� US Postal Service ��Τ�ΤǤ��硢��С��ϡ��ȿ�ñ�̤��Ǽ��Ƥ�� LDAP ʬ��鸡��򳫻Ϥ��פ��Żҥ᡼�륢�ɥ쥹��õ��ޤ��ޤ��ξ��=� US Postal Service ��Τ�ΤǤ��ˤϡ��С��Ͼ��=�θ��ڤ�Ԥ��ޤ��ʳ��ξ��=�ϸ��ڤ��ޤ��

�� 3


�ٹ�	��=��ȯ�Լ� DN (�Ĥޤ� CA �ξ��) �ϡ��ޥåԥ󥰤κǽ�ιԤ˵��Ҥ��Ƥ��ȯ�Լ� DN ��Ʊ��Ǥʤ��ƤϤʤ�ޤ��p�Ҥ��Ǥϡ�o=United States Postal Service,c=US �Ȥ��ȯ�Լ� DN ��ξ��=�ϡ�o °-�� c °-�δ֤˶��ʸ��ʤ��פ��ޤ��

��Ǥϡ�CmapLdapAttr �ץ�ѥƥ��Ѥ��ơ��饤��Ⱦ��=񤫤��$��֥�� DN t�ΤȤԤä��פ��ͤ�� certSubjectDN �Ȥ��°-��LDAP �ǡ��١��鸡��ޤ��

certmap myco ou=My Company Inc, o=myco, c=US
myco:CmapLdapAttr certSubjectDN
myco:DNComps o, c
myco:FilterComps mail, uid
myco:verifycert on

��Τ褦�ʥ��饤��Ⱦ��=�Υ��֥��Ȥ�ͤ��ޤ��

��С��ϡ��Ϥ��˼��ξ��Ǽ��Ƥ��륨��ȥ�򸡺�ޤ��

1 �Ĥޤ��ʣ��ΰ��פ��ȥ꤬��Ф��줿��硢��С��Ϥ��Υ��ȥ�θ��ڽ��ʤ�ޤ��פ��륨��ȥ꤬��Ф��ʤ��ä��ˤϡ��С��ϡ�DNComps �� FilterComps ��Ѥ��ơ��פ��륨��ȥ�򸡺�ޤ��Ǥϡ��С��ϡ�o=LeavesOfGrass Inc, c=US �β��ˤ��뤹�٤ƤΥ��ȥ꤫�� uid=Walt Whitman �򸡺�ޤ��


��	��Ǥϡ�LDAP �ǥ��쥯�ȥ�� certSubjectDN °-��ĥ��ȥ꤬��뤳�Ȥ�p��Ȥ��Ƥ��ޤ��

��ǤʰŹ沽��

��С��ޥ͡��㡼�Ρ�Preferences�ץ��֤ˤ��Set Cipher Size�ץ��ץ��Ǥϡ��뤿��Υ�� 168��128��ޤ�� 56 �ӥåȤΤ��줫��ޤ��)�¤ʤ��j��Ǥ��ޤ��)�¤�Ŭ�礷�ʤ��˻��Ѥ��ե��ꤹ�뤳�Ȥ��Ǥ��ޤ��ե��뤬��ꤵ��Ƥ��ʤ��硢Proxy Server ��Forbidden�ץ��ơ��֤��ޤ��

��뤿��θ��Ȥ��ơ��Security Preferences�פǤθ��ߤΰŹ沽��0�礷�ʤ��j�򤹤�ȡ�Proxy Server ��顢�Ź沽��Ǥ��礭��ͭ��ˤ��ɬ�פ��뤳�Ȥ��Τ餻��ݥåץ��åץ%��?��ɽ��ޤ��

��ߡ��)�¤μ��ϡ�Service fn=key-toosmall �ǤϤʤ��obj.conf �ˤ�� NSAPI PathCheck ��˴�Ť��Ƥ��ޤ��λ��ϼ��ΤȤ��Ǥ��

�� nbits �ϡ��ɬ�פȤ��Ǿ��ӥåȿ�ǡ�filename �ϡ�)�¤�Ŭ�礷�ʤ��˻��Ѥ��ե��̾p�Ǥ��

SSL ��ͭ��ǤϤʤ��硢�ޤ�� secret-keysize �ѥ�᡼��ꤵ��Ƥ��ʤ��硢PathCheck �� REQ_NOACTION ��֤��ޤ��ߤΥ��å��ꤵ�줿 secret-keysize ��꾮��Ȥ��ؿ�ϡ�bong-file ��ꤵ��Ƥ��ʤ��ˤ� PROTOCOL_FORBIDDEN �Υ��ơ��ȤȤ�� REQ_ABORTED ��֤��ޤ��ʳ��ξ��ˤ� REQ_PROCEED ��֤��ơ�path �ѿ� bong-file filename ��ꤵ��ޤ��ޤ��Υ��)�¤�Ŭ�礷�ʤ��ϡ��ߤΥ��å�� SSL ��å��󥭥�å��奨��ȥ̵꤬��ˤʤ뤿�ᡢ��Ʊ��饤��Ȥ��С��³��Ȥ��t�� SSL �ϥ�ɥ��Ԥ��ޤ��

��ǤʰŹ沽��ꤹ��ˤ�


��	��Set Cipher Size�ץե��ϡ�PathCheck fn=ssl-check ��ɲä��Ȥ��˥��֥��Ǹ��Ф��줿 Service fn=key-toosmall ��ޤ��

��С��ޥ͡��㡼�˥��ƥ��С��󥹥��󥹤�j�򤷡��Preferences�ץ��֤򥯥�å��ޤ��

��Set Cipher Size�ץ�󥯤򥯥�å��ޤ��

�ɥ�åץ%��ꥹ�Ȥ��顢��ǤʰŹ沽��Ŭ�Ѥ��꥽��j�򤷤ơ��Select�פ򥯥�å��ޤ��5��ɽ��ꤹ�뤳�Ȥ�Ǥ��ޤ��ܺ٤ϡ��֥ƥ�ץ졼�Ȥȥ꥽��δ��򻲾Ȥ��Ƥ��$��

��)�¤�j�򤷤ޤ��

��168 bit or larger��

��128 bit or larger��

��56 bit or larger��

��No restrictions��

��ݤ��å��Υե��ξ��Ϥ��ơ��λ��פ򥯥�å��ޤ��

�Ź沽��ˤĤ��Ƥϡ��Introduction to SSL�פ򻲾Ȥ��Ƥ��$��

��¾�Υ��ƥ��˴ؤ��ջ��

�軰�Ԥ��Ź��ɤ��褦�Ȥ��ʳ��ˤ⡢��ƥ��˴ؤ��ꥹ��ޤ��ͥåȥ��Ͼ�ˡ��¦�ȳ�¦��顢�ϥå��Υꥹ��ˤ��餵��Ƥ��ޤ��ϥå��Ϥ��ޤ��ޤʼ��Ȥäơ��С��䥵��С��˳�Ǽ��Ƥ��˥��褦�Ȥ��Ƥ��ޤ��С��ǰŹ沽��ͭ��ˤ��$��Ǥʤ��̤Υ��ƥ��к��Ω�Ƥ�ɬ�פ��ޤ��Ȥ��С��ƥ��ݸ�줿��˥��С��ԥ塼��֤��Ǥ��ʤ��Ŀͤ˥��С��ؤΥץ?��Υ��åץ?�ɤ��Ĥ��ʤ��褦�ˤ��ʤɤǤ��Ǥϡ��С��Υ��ƥ��򤵤�˶��Τ�ɬ�פʡ��פʻ��ˤĤ��Ƥ��Ĥ��$��ޤ��

��饤��Ȥˤ�� SSL �ե��륭��å��󥰤��ɻ�

�ݡ��Ȥ�)��

��С��θ³��İ�

ʪ��Ū��)��

��Υ��ץ�ʥ��ƥ��ʤ��ճ��ȸ��Ȥ��줬�dǤ��ǧ��줿�ͤ$��Ǥ��븰�γݤ��ä��˥��С��ԥ塼��֤��Ƥ��$��Τ褦�ˤ��ȡ��С��ԥ塼��ΤؤΥϥå��󥰤��ɤ��ޤ��ޤ��ԥ塼��δ�� (root) �ѥ���ɤ��ͭ��Ƥ��ˤϡ��ѥ���ɤ��ݸ�Ƥ��ɬ�פ��ޤ��

��)��

��⡼�ȹ�.��Ѥ��Ƥ��硢ɬ��ͤΥ桼��ȿ��Υ��ԥ塼��$��Ȥ�¹ԤǤ��褦�ˡ��)��ꤷ�ޤ��С��饨��ɥ桼��θ��¤� LDAP ��С��?��ǥ��쥯�ȥ��ؤΥ��Ĥ��硢2 ��δ��С��ݻ��饹��Ѥ��ơ�1 �� SSL ��ͭ��ˤ��ƥޥ��Ȥʤ��С��ˤ��⤦ 1 ��δ��С��򥨥�ɥ桼��饢��Ǥ��褦�ˤ��뤳�Ȥ�Ƥ��Ƥ��$��饹��ˤĤ��Ƥϡ��֥��С��饹��δ��򻲾Ȥ��Ƥ��$��

��С��ΰŹ沽��ǽ�⥪��ˤ��뤳�Ȥ򤪴��ᤷ�ޤ�� SSL ��³��Ѥ��ʤ��硢��⡼�ȥ��С��δ��ƥ��ݸ��Ƥ��ʤ��ͥåȥ��𤷤ƹԤ��Ȥ��$��դ��Ƥ��$��ѥ���ɤ�˵��䡢��С��κ��꤬�$�ˤǤ��ǽ�ˤʤäƤ��ޤ��ޤ��

��Ǥʥѥ���ɤ�j��

��С��Ǥ�¿��Υѥ���ɤ��Ѥ��Ƥ��ޤ��ѥ���ɡ��ѥ���ɡ��ǡ��١��ѥ���ɤʤɤǤ��Ǥ�äȤ��פʥѥ���ɤϴ��ѥ���ɤǤ��Υѥ���ɤ�Ȥ��С�ï�⤬��ԥ塼��ΤɤΥ��С��Ǥ�Ԥ��뤫��Ǥ��˽��פʤΤϡ��ѥ���ɤǤ��ѥ���ɤ��軰�Ԥ��ꤷ��硢��軰�Ԥ��桼��Υ��С��Ǥ��褦�˸��Υ��С��.��ꡢ��С��̿��˵��Ʋ��󤷤��ꤹ��ǽ-��ޤ��

ͥ�줿�ѥ���ɤϡ��桼��Ȥ��Ф��䤹��軰�ԤˤϿ�¬�Ǥ��ʤ��褦�ʥѥ���ɤǤ��Ȥ��С�MCi12!mo �ϡ�My Child is 12 months old!�פȤ��ƳФ��뤳�Ȥ��Ǥ��ޤ��ѥ���ɤ��Ȥ��Ƥϡ��Ҷ��̾p��8��ʤɤ��󤲤��ޤ��

��¬��ˤ��ѥ���ɤκ�.

��t-�ι⤤�ѥ���ɤ��.��Τ��Ω�ġ��Ĥ��δ�ñ��ջ��򼨤��ޤ��1 �ĤΥѥ���ɤ˼��ε�§�Τ��٤Ƥ��ɬ�פϤ��ޤ��󤬡��Ѥ��뵬§��¿��¿��ۤɡ��ѥ���ɤϿ�¬��ˤ��ʤ�ޤ��Ĥ��ҥ�Ȥ򼨤��ޤ��

�ѥ���ɤ�Ĺ�� 6 �� 14 ʸ��ˤ��

5��ʳ��ʸ�� (*��"��ޤ��϶��ʸ��) �ϻ��Ѥ��ʤ�

��˺ܤäƤ��Ѥ��ʤ� (�ɤθ8�Ǥ�)

E �� 3 �ˤ��롢L �� 1 �ˤ��롢�ʤɤΤ褯��ʸ��֤��ϹԤ�ʤ�

�ʲ��μ��ʸ��򡢤Ǥ��$�¿��ߤ��

��ʸ��

��

�ѥ���ɤޤ�� PIN ��ѹ�

��ǡ��١��Ӹ��ڥ��ե��Υѥ���ɤޤ�� PIN ��Ū��ѹ��褦�ˤ��Ƥ��$��С�� SSL ��ͭ��ˤ��Ƥ��硢��С��ư��Ȥ��ˤ��Υѥ���ɤ�ɬ�פǤ��ѥ���ɤ��Ū��ѹ��ȡ��С��Υ��ƥ��ݸ��ޤ��

��Υѥ���ɤϡ��?��륳��ԥ塼��ǤΤ��ѹ��뤳�Ȥ򤪴��ᤷ�ޤ��ѥ���ɤ��ѹ��Ȥ��˹�θ��ɬ�פΤ��륬��ɥ饤��ˤĤ��Ƥϡ��ֿ�¬��ˤ��ѥ���ɤκ�.��򻲾Ȥ��Ƥ��$��

��ǡ��١��/��ڥ��ե��Υѥ���ɤ��ѹ��ˤ�

��С��ޤ��ϥ��С��ޥ͡��㡼�˥��Security�ץ��֤�j�򤷤ޤ��

��Change Key Pair File Password�ץ�󥯤򥯥�å��ޤ��

��Cryptographic Module�ץɥ�åץ%��ꥹ�Ȥ��顢�ѥ���ɤ��ѹ��륻��ƥ��ȡ��j�򤷤ޤ��ǥե��ȤǤϡ��ǡ��١��Ρ�Internal�פˤʤäƤ��ޤ��PKCS #11 �⥸�塼�뤬��󥹥ȡ��뤵��Ƥ��ϡ��٤ƤΥ��ƥ��ȡ��󤬰��ɽ��ޤ��

��ߤΥѥ���ɤ��Ϥ��ޤ��

��ѥ���ɤ��Ϥ��ޤ��

�⤦��Ϥ��λ��פ򥯥�å��ޤ��

��ڥ��ե��ɬ��ƥ��ݸ��褦�ˤ��ޤ��С��ϡ�server_root/alias �ǥ��쥯�ȥ��˸��ڥ��ե��Ǽ��ޤ��

��Υե��뤬�Хå��åץơ��פ˳�Ǽ��Τ��ɤ��ޤ��軰�Ԥ�˵��Ǥ��褦�ʾ��֤��ɤ��ΤäƤ��Ȥ��ڤǤ��ξ��ˤϡ��Хå��åפ򥵡��С��Ʊ��褦�ˡ��t�˥��ƥ��ݸ��ɬ�פ��ޤ��

��С��ǤΤۤ��Υ��ץꥱ��)��

��С��Ʊ��ԥ塼��Ǽ¹Ԥ��뤹�٤ƤΥ��ץꥱ��ʬ�˸�Ƥ��ޤ��С��Ǽ¹Ԥ��ۤ��Υ��ץꥱ��Υ��ƥ��ۡ��Ѥ��ơ��С��Υ��ƥ��?�ˤ��餵��ǽ-��ޤ��ɬ�פʥץ?��䥵��ӥ��Ϥ��٤�̵��ˤ��Ƥ��$��Ȥ��С�UNIX sendmail �ǡ��ϡ��t��ꤹ�뤳�Ȥ��񤷤��ƶd�ڤܤ��ǽ-�Τ��ۤ��Υץ?��򥵡��С��ԥ塼��Ǽ¹Ԥ��褦�˥ץ?��व��ǽ-��ޤ��

UNIX �� Linux

inittab ��ץȤ� rc ��ץȤ��鳫�Ϥ��ץ?��դ��j�򤷤ޤ��telnet �ޤ�� rlogin �򥵡��С��ԥ塼��¹Ԥ��ʤ��Ǥ��$��ޤ��С��ԥ塼�� rdist ��֤��ʤ��Ǥ��$��Υץ?��Ѥ��ȡ��ե��ۤǤ��ޤ��С��ԥ塼��Υե��ι��ˤ��Ѥ��ǽ-��ޤ��

Windows

¾�Υ��ԥ塼��ȶ�ͭ��ɥ饤�֤�ǥ��쥯�ȥ�ˤĤ��ơ��ʬ�˸�Ƥ��Ƥ��$��ޤ��ɤΥ桼��Ȥ䥲��Ȥ��ø��ͭ��Ƥ��뤫�ˤĤ��Ƥ⸡Ƥ��Ƥ��$��С��֤��Ƥ��ץ?��䡢�ۤ��Υ桼��˥��󥹥ȡ��Ĥ��ץ?��ˤĤ��Ƥ��դ��Ƥ��$��ۤ��Υ桼��Υץ?��˥��ƥ��ۡ��뤬��ǽ-�⤢��ޤ��ǰ��ξ�硢��ƥ��򿯳��뤿��߷פ��դΤ��ץ?��򲿼Ԥ��åץ?�ɤ��ǽ-�⤢��ޤ��äơ��С��˥ץ?��֤��Ȥ��Ĥ��p�ˡ��Υץ?��ɤ�Ĵ�٤Ƥ��$��

��饤��Ȥˤ�� SSL �ե��륭��å��󥰤��ɻ�

HTML �ե�� <HEAD> ��˼��ιԤ��ɲä��뤳�Ȥǡ��Ź沽��Ƥ��ե��뤬��饤��Ȥˤ�ꥭ��å��˽񤭹��ޤ��Τ��p��ɻߤ��뤳�Ȥ��Ǥ��ޤ��

�ݡ��Ȥ�)��

��ԥ塼��ǻ��Ѥ��Ƥ��ʤ��ݡ��Ȥϡ��٤�̵��ˤ��ޤ��롼��ե��Ѥ��ơ��¤Υݡ��ȥ��åȰʳ��ˤ��忮��³��Ǥ��ʤ��褦��ꤷ�ޤ��Τ��Ȥϡ��Ǥ�)�¤��줿�ΰ��ˤ��륵��С��ԥ塼��ʪ��Ū�˻��Ѥ��뤳�Ȥˤ�äƤΤߡ��ԥ塼��ǥ��$��뤳�Ȥ��Ǥ��Ȥ��Ȥ��̣��ޤ��

��С��θ³��İ�

��С��ϡ��С��ȥ��饤��Ȥδ֤ǥ��ƥ��ݸ�줿��³��Ǥ��褦�ˤ��ޤ��С��ϡ��󤬤��ä��󥯥饤��Ȥ˼��$��ȡ��Υ��ƥ��)�椹�뤳�ȤϤǤ��С��ԥ塼��Τ��Ӥ��Υǥ��쥯�ȥ��ե��Ф��륢��)��Ǥ��ޤ��

��Τ褦�ʸ³��ǧ��Ƥ��Ȥϡ��򤱤�٤��򤹤�Τ��Ω�dޤ��Ȥ��С�SSL ��³��𤷤ƥ��쥸�åȥ��ɤ��ֹ��$��Ȥ��ޤ��ֹ�ϥ��С��ԥ塼��Υ��ƥ��ݸ�줿�ե��˳�Ǽ��Ǥ��礦��SSL ��³��λ��ȤǤ��ֹ�Ϥɤ��ʤ�ΤǤ��礦��SSL ��𤷤ƥ��饤��Ȥ��줿��٤Ƥξ��Ф��ơ�ɬ��ƥ��ݸ��褦�ˤ��Ƥ��$��

p�� ܼ� ��
Sun Java System Web Proxy Server 4.0.1 ��

�� 5 �� ���=�ȸ��λ���

���=�١�����ǧ��

����ǡ����١����κ�.

����ǡ����١������.����ˤ�

password.conf �λ���

SSL ��ͭ��ʥ����С���ưŪ�˵�ư

SSL ��ͭ��ʥ����С���ưŪ�˵�ư����ˤ�

VeriSign ���=���׵ᤪ��ӥ��󥹥ȡ���

VeriSign ���=���׵�

VeriSign ���=���׵᤹��ˤ�

VeriSign ���=�Υ��󥹥ȡ���

VeriSign ���=�򥤥󥹥ȡ��뤹��ˤ�

�ۤ��Υ����С����=���׵ᤪ��ӥ��󥹥ȡ���

ɬ�פ� CA ����

�ۤ��Υ����С����=���׵�

�ۤ��Υ����С����=���׵᤹��ˤ�

�ۤ��Υ����С����=�Υ��󥹥ȡ���

¾�Υ����С����=�򥤥󥹥ȡ��뤹��ˤ�

���=�ΰܹ�

���=��ܹԤ���ˤ�

�Ȥ߹��ߥ롼�Ⱦ��=�⥸�塼��λ���

���=�δ���

���=������ˤ�

CRL �� CKL �Υ��󥹥ȡ���ȴ���

CRL �ޤ��� CKL �Υ��󥹥ȡ���

CRL �ޤ��� CKL �򥤥󥹥ȡ��뤹��ˤ�

CRL �� CKL �δ���

CRL �� CKL ������ˤ�

�������ƥ����˴ؤ���ܺ�����

SSL �� TLS �ץ�ȥ���

SSL ����Ѥ��� LDAP �Ȥ��̿�

����С��� SSL ��ͭ��ˤ���ˤ�

Proxy Server ��𤷤� SSL �Υȥ�ͥ��

SSL �ȥ�ͥ�󥰤�����

SSL �ȥ�ͥ�󥰤����ꤹ��ˤ�

SSL �ȥ�ͥ�󥰤ε���Ū�ܺ�

�Ե������åȤΥ������ƥ�����ͭ��

�������ƥ�����ǽ��ͭ��

�Ե������åȤκ�.���˥������ƥ�����ǽ��ͭ��ˤ���ˤ�

�Ե������åȤ��Խ����˥������ƥ�����ǽ�򥪥�ˤ���ˤ�

�Ե������åȤΥ����С����=��j��

�Ե������åȤΥ����С����=��j�򤹤�ˤ�

�Ź沽���j��

SSL �� TLS ��ͭ��ˤ���ˤ�

�������ƥ����Υ��?�Х������

SSL ����ե����������ͤ����ꤹ��ˤ�

SSLSessionTimeout

��ʸ

SSLCacheEntries

SSL3SessionTimeout

��ʸ

����Ź沽�⥸�塼��λ���

PKCS #11 �⥸�塼��Υ��󥹥ȡ���

modutil �ˤ�� PKCS #11 �⥸�塼��Υ��󥹥ȡ���

modutil ����Ѥ��� PKCS #11 �⥸�塼��򥤥󥹥ȡ��뤹��ˤ�

pk12util �λ���

pk12util �ˤ�륨�����ݡ���

����ǡ����١���������=�ȸ��򥨥����ݡ��Ȥ���ˤ�

pk12util �ˤ�륤��ݡ���

����ޤ��ϳ���� PKCS #11 �⥸�塼��˾��=�ȸ��򥤥�ݡ��Ȥ���ˤ�

������=����Ѥ��������С��ε�ư

�Ե������åȤξ��=�̾��j��

�Ե������åȤξ��=��j�򤹤�ˤ�

FIPS-140 ɸ��

FIPS-140 ��ͭ��ˤ���ˤ�

���饤����ȥ������ƥ����׷������

���饤�����ǧ�ڤ��׵�

���饤����Ȥ�ǧ�ڤ��׵᤹��ˤ�

�եץ?���ǤΥ��饤�����ǧ��

�եץ?���ǤΥ��饤�����ǧ�ڤ�����

�ץ?�������饤����Ȥ�ǧ��

�֥ץ?�������饤����Ȥ�ǧ�ڡץ��ʥꥪ�����ꤹ��ˤ�

����ƥ�ĥ����С����ץ?����ǧ��

�֥���ƥ�ĥ����С����ץ?����ǧ�ڡץ��ʥꥪ�����ꤹ��ˤ�

�ץ?�������饤����Ȥ�ǧ�ڡ����ĥ���ƥ�ĥ����С����ץ?����ǧ��

�֥ץ?�������饤����Ȥ�ǧ�ڡ����ĥ���ƥ�ĥ����С����ץ?����ǧ�ڡץ��ʥꥪ�����ꤹ��ˤ�

LDAP �ؤΥ��饤����Ⱦ��=�Υޥåԥ�

certmap.conf �ե�����λ���

��������ץ�ѥƥ����κ�.

�ޥåԥ���

�� 5 ��
��=�ȸ��λ��

��=�١��ǧ��

��ǡ��١��κ�.

��ǡ��١��.��ˤ�

password.conf �λ��

SSL ��ͭ��ʥ��С��ưŪ�˵�ư

SSL ��ͭ��ʥ��С��ưŪ�˵�ư��ˤ�

VeriSign ��=��׵ᤪ��ӥ��󥹥ȡ��

VeriSign ��=��׵�

VeriSign ��=��׵᤹��ˤ�

VeriSign ��=�Υ��󥹥ȡ��

VeriSign ��=�򥤥󥹥ȡ��뤹��ˤ�

�ۤ��Υ��С��=��׵ᤪ��ӥ��󥹥ȡ��

ɬ�פ� CA ��

�ۤ��Υ��С��=��׵�

�ۤ��Υ��С��=��׵᤹��ˤ�

�ۤ��Υ��С��=�Υ��󥹥ȡ��

¾�Υ��С��=�򥤥󥹥ȡ��뤹��ˤ�

��=�ΰܹ�

��=��ܹԤ��ˤ�

�Ȥ߹��ߥ롼�Ⱦ��=�⥸�塼��λ��

��=�δ��

��=��ˤ�

CRL �� CKL �Υ��󥹥ȡ��ȴ��

CRL �ޤ�� CKL �Υ��󥹥ȡ��

CRL �ޤ�� CKL �򥤥󥹥ȡ��뤹��ˤ�

CRL �� CKL �δ��

CRL �� CKL ��ˤ�

��ƥ��˴ؤ��ܺ��

SSL �� TLS �ץ�ȥ��

SSL ��Ѥ�� LDAP �Ȥ��̿�

��С�� SSL ��ͭ��ˤ��ˤ�

SSL �ȥ�ͥ�󥰤��

SSL �ȥ�ͥ�󥰤��ꤹ��ˤ�

SSL �ȥ�ͥ�󥰤ε��Ū�ܺ�

�Ե��åȤΥ��ƥ��ͭ��

��ƥ��ǽ��ͭ��

�Ե��åȤκ�.��˥��ƥ��ǽ��ͭ��ˤ��ˤ�

�Ե��åȤ��Խ��˥��ƥ��ǽ�򥪥�ˤ��ˤ�

�Ե��åȤΥ��С��=��j��

�Ե��åȤΥ��С��=��j�򤹤�ˤ�

�Ź沽��j��

SSL �� TLS ��ͭ��ˤ��ˤ�

��ƥ��Υ��?�Х��

SSL ��ե��ͤ��ꤹ��ˤ�

��Ź沽�⥸�塼��λ��

PKCS #11 �⥸�塼��Υ��󥹥ȡ��

modutil �ˤ�� PKCS #11 �⥸�塼��Υ��󥹥ȡ��

modutil ��Ѥ�� PKCS #11 �⥸�塼��򥤥󥹥ȡ��뤹��ˤ�

pk12util �λ��

pk12util �ˤ�륨��ݡ��

��ǡ��١��=�ȸ��򥨥��ݡ��Ȥ��ˤ�

pk12util �ˤ�륤��ݡ��

��ޤ��ϳ�� PKCS #11 �⥸�塼��˾��=�ȸ��򥤥�ݡ��Ȥ��ˤ�

��=��Ѥ��С��ε�ư

�Ե��åȤξ��=�̾��j��

�Ե��åȤξ��=��j�򤹤�ˤ�

FIPS-140 ��ͭ��ˤ��ˤ�

��饤��ȥ��ƥ��׷��

��饤��ǧ�ڤ��׵�

��饤��Ȥ�ǧ�ڤ��׵᤹��ˤ�

�եץ?��ǤΥ��饤��ǧ��

�եץ?��ǤΥ��饤��ǧ�ڤ��

�ץ?��饤��Ȥ�ǧ��

�֥ץ?��饤��Ȥ�ǧ�ڡץ��ʥꥪ��ꤹ��ˤ�

��ƥ�ĥ��С��ץ?��ǧ��

�֥��ƥ�ĥ��С��ץ?��ǧ�ڡץ��ʥꥪ��ꤹ��ˤ�

�ץ?��饤��Ȥ�ǧ�ڡ��ĥ��ƥ�ĥ��С��ץ?��ǧ��

�֥ץ?��饤��Ȥ�ǧ�ڡ��ĥ��ƥ�ĥ��С��ץ?��ǧ�ڡץ��ʥꥪ��ꤹ��ˤ�

LDAP �ؤΥ��饤��Ⱦ��=�Υޥåԥ�

certmap.conf �ե��λ��

��ץ�ѥƥ��κ�.

�ޥåԥ��

��ǤʰŹ沽��

��ǤʰŹ沽��ꤹ��ˤ�

��¾�Υ��ƥ��˴ؤ��ջ��

ʪ��Ū��)��

��)��

��Ǥʥѥ���ɤ�j��

��¬��ˤ��ѥ���ɤκ�.