{"id":569,"date":"2025-12-24T22:03:36","date_gmt":"2025-12-24T13:03:36","guid":{"rendered":"https:\/\/www.sakanashi.mydns.jp\/wprss\/?p=569"},"modified":"2025-12-26T08:41:29","modified_gmt":"2025-12-25T23:41:29","slug":"post-569","status":"publish","type":"post","link":"https:\/\/www.sakanashi.mydns.jp\/wprss\/index.php\/2025\/12\/24\/post-569\/","title":{"rendered":"\u30e1\u30fc\u30eb\u30b5\u30fc\u30d0\u306e\u8a3c\u660e\u66f8\u3092\u6b63\u5f0f\u7248\u306b"},"content":{"rendered":"\n

\u30e1\u30fc\u30eb\u30b5\u30fc\u30d0\u306b\u306f\u81ea\u524d\u306e\u30b5\u30fc\u30d0\u8a3c\u660e\u66f8\u3092\u4f7f\u3063\u3066\u3044\u305f\u304c\u3001\u30e1\u30fc\u30e9\u30fc\u306b\u3088\u3063\u3066\u306f\u516c\u5f0f\u306a\u8a3c\u660e\u66f8\u3067\u306a\u3044\u3068\u30a2\u30ab\u30a6\u30f3\u30c8\u8a2d\u5b9a\u3067\u304d\u306a\u3044\u3082\u306e\u304c\u3042\u3063\u3066\u3061\u3087\u3063\u3068\u56f0\u3063\u305f\u306e\u3067\u3001\u8a3c\u660e\u66f8\u3092\u6b63\u5f0f(\u516c\u5f0f)\u306a\u3082\u306e\u306b\u3057\u305f\u3002<\/p>\n\n\n\n

\u3064\u3044\u3067\u306b\u3001SSL\/TLS\u306e\u5bfe\u5fdc\u3082\u3057\u3066\u304a\u3044\u305f\u3002<\/p>\n\n\n\n

\u30b5\u30fc\u30d0\u8a3c\u660e\u66f8\u306e\u4f5c\u6210<\/h2>\n\n\n\n

\u8a3c\u660e\u66f8\u306fWeb\u30b5\u30fc\u30d0\u3068\u540c\u3058\u304f\u3001certbot\u3067\u4f5c\u6210\u3067\u304d\u308b\u3002\u624b\u9806\u306f\u4ee5\u4e0b\u3002<\/p>\n\n\n\n

root@svr:\/etc\/letsencrypt# certbot certonly --webroot -w \/home\/share\/web-root\/html -d svr.sakanashi.mydns.jp\nSaving debug log to \/var\/log\/letsencrypt\/letsencrypt.log\nRequesting a certificate for svr.sakanashi.mydns.jp\n\nSuccessfully received certificate.\nCertificate is saved at: \/etc\/letsencrypt\/live\/svr.sakanashi.mydns.jp\/fullchain.pem\nKey is saved at:         \/etc\/letsencrypt\/live\/svr.sakanashi.mydns.jp\/privkey.pem\nThis certificate expires on 2026-03-24.\nThese files will be updated when the certificate renews.\nCertbot has set up a scheduled task to automatically renew this certificate in the background.\n\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -\nIf you like Certbot, please consider supporting our work by:\n * Donating to ISRG \/ Let's Encrypt:   https:\/\/letsencrypt.org\/donate\n * Donating to EFF:                    https:\/\/eff.org\/donate-le\n- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -<\/code><\/pre>\n\n\n\n
postfix\u306e\u8a2d\u5b9a\u5909\u66f4<\/h2>\n\n\n\n
\/etc\/postfix\/main.cf\u306b\u4ee5\u4e0b\u3092\u8ffd\u52a0\u3059\u308b\u3002<\/p>\n\n\n\n
# SSL\/TLS\u306e\u8a2d\u5b9a\nsmtpd_tls_security_level = may\nsmtpd_tls_cert_file = \/etc\/letsencrypt\/live\/svr.sakanashi.mydns.jp\/fullchain.pem\nsmtpd_tls_key_file = \/etc\/letsencrypt\/live\/svr.sakanashi.mydns.jp\/privkey.pem\nsmtpd_tls_session_cache_database = btree:${data_directory}\/smtpd_scache<\/code><\/pre>\n\n\n\n
\/etc\/postfix\/master.cf\u306e\u4ee5\u4e0b\u306e\u90e8\u5206\u3092\u5909\u66f4\u3059\u308b\u3002<\/p>\n\n\n\n
submission inet n       -       y       -       -       smtpd \uff1a\u30b3\u30e1\u30f3\u30c8\u89e3\u9664\n  -o syslog_name=postfix\/submission \uff1a\u30b3\u30e1\u30f3\u30c8\u89e3\u9664\n#  -o smtpd_tls_security_level=encrypt\n  -o smtpd_sasl_auth_enable=yes \uff1a\u30b3\u30e1\u30f3\u30c8\u89e3\u9664<\/code><\/pre>\n\n\n\n
SMTPS\u3092\u4f7f\u3046\u305f\u3081\u306b\u4ee5\u4e0b\u3092\u8ffd\u52a0\u3059\u308b\u3002<\/p>\n\n\n\n
# SMTPS (465) \u3092\u4f7f\u7528\u3059\u308b\u8a2d\u5b9a\nsmtps     inet  n       -       n       -       -       smtpd\n  -o syslog_name=postfix\/smtps\n  -o smtpd_tls_wrappermode=yes\n  -o smtpd_sasl_auth_enable=yes<\/code><\/pre>\n\n\n\n
dovecot\u306e\u8a2d\u5b9a\u5909\u66f4<\/h2>\n\n\n\n
\/etc\/dovecot\/conf.d\/10-ssl.conf\u306e\u4ee5\u4e0b\u3092\u5909\u66f4\u3059\u308b\u3002<\/p>\n\n\n\n
ssl = yes  : \u30b3\u30e1\u30f3\u30c8\u89e3\u9664\n\nssl_cert = <\/etc\/letsencrypt\/live\/svr.sakanashi.mydns.jp\/fullchain.pem  : \u30b3\u30e1\u30f3\u30c8\u89e3\u9664\uff06\u30d1\u30b9\u5909\u66f4\nssl_key = <\/etc\/letsencrypt\/live\/svr.sakanashi.mydns.jp\/privkey.pem  : \u30b3\u30e1\u30f3\u30c8\u89e3\u9664\uff06\u30d1\u30b9\u5909\u66f4<\/code><\/pre>\n\n\n\n
\u30dd\u30fc\u30c8\u3092\u958b\u3051\u308b<\/h2>\n\n\n\n
SSL\/TLS\u306e\u30dd\u30fc\u30c8\u3092\u958b\u3051\u308b\u3002<\/p>\n\n\n\n
ufw allow 995\/tcp\nufw allow 465\/tcp<\/code><\/pre>\n\n\n\n
\u203b STARTTLS\u3092\u4f7f\u3046\u5834\u5408\u306f\u30dd\u30fc\u30c8\u306f25\u3001110\u304c\u7a7a\u3044\u3066\u3044\u308c\u3070\u3088\u3044\u3089\u3057\u3044\u3002<\/p>\n\n\n\n
postfix\u3068dovecot\u3092\u518d\u8d77\u52d5<\/h2>\n\n\n\n
\u6e96\u5099\u304c\u3067\u304d\u305f\u3068\u3053\u308d\u3067\u3001postfix\u3068dovecot\u3092\u518d\u8d77\u52d5\u3059\u308b\u3002<\/p>\n\n\n\n
systemctl restart postfix\nsystemctl restart dovecot<\/code><\/pre>\n\n\n\n
\u30e1\u30fc\u30e9\u30fc\u306e\u8a2d\u5b9a\u5909\u66f4\uff06\u30c6\u30b9\u30c8<\/h2>\n\n\n\n
\u30e1\u30fc\u30e9\u30fc\u306e\u30a2\u30ab\u30a6\u30f3\u30c8\u8a2d\u5b9a\u3067\u63a5\u7d9a\u65b9\u6cd5\u3092\u5909\u66f4\u3057\u3066\u30c6\u30b9\u30c8\u3092\u884c\u3046\u3002<\/p>\n\n\n\n
sylpheed\u3067\u4ee5\u4e0b\u306e\u3088\u3046\u306b\u8a2d\u5b9a\u3001\u9001\u53d7\u4fe1\u306e\u30c6\u30b9\u30c8\u3092\u884c\u3044\u3001\u6b63\u5e38\u306b\u52d5\u4f5c\u3059\u308b\u3053\u3068\u3092\u78ba\u8a8d\u3057\u305f\u3002<\/p>\n\n\n\n
\"\"<\/figure>\n","protected":false},"excerpt":{"rendered":"
\u30e1\u30fc\u30eb\u30b5\u30fc\u30d0\u306b\u306f\u81ea\u524d\u306e\u30b5\u30fc\u30d0\u8a3c\u660e\u66f8\u3092\u4f7f\u3063\u3066\u3044\u305f\u304c\u3001\u30e1\u30fc\u30e9\u30fc\u306b\u3088\u3063\u3066\u306f\u516c\u5f0f\u306a\u8a3c\u660e\u66f8\u3067\u306a\u3044\u3068\u30a2\u30ab\u30a6\u30f3\u30c8\u8a2d\u5b9a\u3067\u304d\u306a\u3044\u3082\u306e\u304c\u3042\u3063\u3066\u3061\u3087\u3063\u3068\u56f0\u3063\u305f\u306e\u3067\u3001\u8a3c\u660e\u66f8\u3092\u6b63\u5f0f(\u516c\u5f0f)\u306a\u3082\u306e\u306b\u3057\u305f\u3002 \u3064\u3044\u3067\u306b\u3001SSL\/TLS\u306e\u5bfe\u5fdc\u3082\u3057\u3066\u304a\u3044\u305f […]<\/p>\n","protected":false},"author":1,"featured_media":526,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[22,21],"tags":[62,61,63,51],"class_list":["post-569","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-pc_server","category-others","tag-dovecot","tag-postfix","tag-ssl-tls","tag-51"],"_links":{"self":[{"href":"https:\/\/www.sakanashi.mydns.jp\/wprss\/index.php\/wp-json\/wp\/v2\/posts\/569","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.sakanashi.mydns.jp\/wprss\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.sakanashi.mydns.jp\/wprss\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.sakanashi.mydns.jp\/wprss\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.sakanashi.mydns.jp\/wprss\/index.php\/wp-json\/wp\/v2\/comments?post=569"}],"version-history":[{"count":2,"href":"https:\/\/www.sakanashi.mydns.jp\/wprss\/index.php\/wp-json\/wp\/v2\/posts\/569\/revisions"}],"predecessor-version":[{"id":575,"href":"https:\/\/www.sakanashi.mydns.jp\/wprss\/index.php\/wp-json\/wp\/v2\/posts\/569\/revisions\/575"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.sakanashi.mydns.jp\/wprss\/index.php\/wp-json\/wp\/v2\/media\/526"}],"wp:attachment":[{"href":"https:\/\/www.sakanashi.mydns.jp\/wprss\/index.php\/wp-json\/wp\/v2\/media?parent=569"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.sakanashi.mydns.jp\/wprss\/index.php\/wp-json\/wp\/v2\/categories?post=569"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.sakanashi.mydns.jp\/wprss\/index.php\/wp-json\/wp\/v2\/tags?post=569"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}