{"id":19698,"date":"2018-12-12T09:15:22","date_gmt":"2018-12-12T00:15:22","guid":{"rendered":"http:\/\/www.techscore.com\/blog\/?p=19698"},"modified":"2018-12-13T14:16:44","modified_gmt":"2018-12-13T05:16:44","slug":"aws_sophos-utm-9","status":"publish","type":"post","link":"https:\/\/www.techscore.com\/blog\/2018\/12\/12\/aws_sophos-utm-9\/","title":{"rendered":"AWS\u3067\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u88fd\u54c1(Sophos UTM 9)\u3092\u5c0e\u5165\u3057\u3066\u307f\u305f\u301cHTTPS\u30d7\u30ed\u30ad\u30b7\u5c0e\u5165\u7de8\u301c"},"content":{"rendered":"

\u3053\u3093\u306b\u3061\u306f\u6a2a\u90e8\u3067\u3059\u3002
\n\u3053\u308c\u306fTECHSCORE Advent Calendar 2018<\/a>\u306e12\u65e5\u76ee\u306e\u8a18\u4e8b\u3067\u3059\u3002<\/p>\n

\u524d\u56de<\/a>\u306f Sophos UTM \u3092\u4f7f\u3063\u3066HTTP\u30d7\u30ed\u30ad\u30b7\u306e\u5c0e\u5165\u3092\u884c\u3044\u307e\u3057\u305f\u3002
\n\u4eca\u56de\u306fHTTPS\u30d7\u30ed\u30ad\u30b7\u3092\u7a3c\u50cd\u3055\u305b\u3066\u307f\u307e\u3059\u3002<\/p>\n

HTTPS\u30d7\u30ed\u30ad\u30b7\u306e\u6709\u52b9\u5316<\/h2>\n

HTTPS\u30d7\u30ed\u30ad\u30b7\u306e\u6709\u52b9\u5316\u306f\u3001
\nWeb\u30d7\u30ed\u30c6\u30af\u30b7\u30e7\u30f3 \u2192 Web\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u306e\u300cHTTPS\u300d\u30bf\u30d6\u304b\u3089\u884c\u3048\u307e\u3059\u3002<\/p>\n

\u300c\u5fa9\u53f7\u5316\u3057\u3066\u30b9\u30ad\u30e3\u30f3\u300d\u3092\u30c1\u30a7\u30c3\u30af\u3057\u3066\u9069\u7528\u3059\u308b\u3053\u3068\u3067\u3001HTTPS\u3067\u3082\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u304c\u6709\u52b9\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n

\"\"<\/a><\/p>\n

\u3057\u304b\u3057\u3053\u308c\u3092\u6709\u52b9\u306b\u3059\u308b\u3068\u3001SSL\u8b66\u544a\u304c\u767a\u751f\u3057\u307e\u3059\u3002
\n\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u3068\u30d7\u30ed\u30ad\u30b7\u9593\u306e\u30bb\u30c3\u30b7\u30e7\u30f3\u306f\u3001Sophos UTM \u306e\u8a8d\u8a3c\u5c40\u3067\u767a\u884c\u3057\u305f\u81ea\u5df1\u7f72\u540d\u8a3c\u660e\u66f8\u304c\u4f7f\u7528\u3055\u308c\u308b\u305f\u3081\u3001\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306f\u30d7\u30ed\u30ad\u30b7\u304b\u3089\u9001\u4ed8\u3055\u308c\u305f\u516c\u958b\u9375\u8a3c\u660e\u66f8\u304c\u4fe1\u983c\u3067\u304d\u307e\u305b\u3093\u3002
\n\u305d\u306e\u305f\u3081\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306b Sophos UTM \u306e\u8a8d\u8a3c\u5c40\u306e\u8a3c\u660e\u66f8\u3092\u767b\u9332\u3059\u308b\u5fc5\u8981\u304c\u3042\u308a\u307e\u3059\u3002<\/p>\n

Sophos UTM \u306eCA\u8a3c\u660e\u66f8\u3092\u5165\u624b\u3059\u308b\u65b9\u6cd5\u306f2\u7a2e\u985e\u3042\u308a\u307e\u3059\u3002<\/p>\n

\u4e00\u3064\u306f\u3001Web\u30d7\u30ed\u30c6\u30af\u30b7\u30e7\u30f3 \u2192 \u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u30aa\u30d7\u30b7\u30e7\u30f3\u306e\u300cHTTPS CA\u300d\u30bf\u30d6\u304b\u3089\u5165\u624b\u3059\u308b\u65b9\u6cd5\u3067\u3059\u3002<\/p>\n

\u300c\u7f72\u540dCA\u300d\u3092\u300c\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u300d\u3057\u3066\u8a3c\u660e\u66f8\u3092\u4fe1\u7528\u3059\u308b\u3053\u3068\u3067\u3001\u305d\u306e\u8a3c\u660e\u66f8\u3092\u4f7f\u3063\u3066HTTPS\u901a\u4fe1\u304c\u884c\u308f\u308c\u3001\u8b66\u544a\u304c\u56de\u907f\u3067\u304d\u307e\u3059\u3002<\/p>\n

\"\"<\/a><\/p>\n

\u3082\u3046\u4e00\u3064\u306f\u30e6\u30fc\u30b6\u30dd\u30fc\u30bf\u30eb\u304b\u3089\u8a3c\u660e\u66f8\u3092\u5165\u624b\u3059\u308b\u65b9\u6cd5\u3067\u3059\u3002
\n\u30de\u30cd\u30b8\u30e1\u30f3\u30c8 \u2192 \u30e6\u30fc\u30b6\u30dd\u30fc\u30bf\u30eb\u306e\u30b0\u30ed\u30fc\u30d0\u30eb\u30bf\u30d6\u304b\u3089\u300c\u30e6\u30fc\u30b6\u30dd\u30fc\u30bf\u30eb\u300d\u3092\u6709\u52b9\u5316\u3067\u304d\u307e\u3059\u3002<\/p>\n

\"\"<\/a><\/p>\n

\u305f\u3060\u3053\u3061\u3089\u3082\u4e0d\u7528\u610f\u306b\u30aa\u30fc\u30d7\u30f3\u306b\u3059\u308b\u3068\u4e0d\u6b63\u30a2\u30af\u30bb\u30b9\u306b\u5229\u7528\u3055\u308c\u308b\u30ea\u30b9\u30af\u304c\u3042\u308b\u306e\u3067\u6ce8\u610f\u304c\u5fc5\u8981\u3067\u3059\u3002
\n\u63a5\u7d9a\u3092\u5236\u9650\u3057\u3066\u8a31\u53ef\u3055\u308c\u305f\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u307e\u305f\u306f\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u7d4c\u7531\u3067\u30dd\u30fc\u30c8\u30d5\u30a9\u30ef\u30fc\u30c9\u3092\u5229\u7528\u3057\u3066\u30a2\u30af\u30bb\u30b9\u3059\u308b\u3068\u3088\u308a\u5b89\u5168\u3067\u3059\u3002<\/p>\n

\nssh -i \/path\/to\/key -t -L 4443:${PRIVATE_IP}:443 ec2-user@${EC2_HOST}\n<\/pre>\n
https:\/\/loccalhost:4443\/<\/a> ( \u307e\u305f\u306f https:\/\/127.0.0.1:4443\/<\/a> )<\/p>\n
\u30ed\u30b0\u30a4\u30f3\u3059\u308b\u3068\u300cWeb\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u300d\u30bf\u30d6\u304b\u3089\u300cWeb\u30d5\u30a3\u30eb\u30bfCA\u8a3c\u660e\u66f8\u306e\u30a4\u30f3\u30dd\u30fc\u30c8\u300d\u304c\u5b9f\u884c\u3067\u304d\u307e\u3059\u306e\u3067\u3001\u305d\u3053\u304b\u3089\u8a3c\u660e\u66f8\u3092\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3067\u304d\u307e\u3059\u3002<\/p>\n
\"\"<\/a><\/p>\n
HTTP\u30d7\u30ed\u30ad\u30b7\u3068\u540c\u69d8\u306e\u624b\u9806\u3067HTTPS\u30d7\u30ed\u30ad\u30b7\u306e\u8a2d\u5b9a\u3092\u884c\u3044\u30c6\u30b9\u30c8\u3059\u308c\u3070\u3001\u52d5\u4f5c\u3092\u78ba\u8a8d\u3059\u308b\u3053\u3068\u304c\u3067\u304d\u307e\u3059\u3002<\/p>\n
\u4f59\u8ac7\u3067\u3059\u304c\u3001HTTPS\u30d7\u30ed\u30ad\u30b7\u306a\u306e\u306b\u30dd\u30fc\u30c8\u756a\u53f7\u304c8080\u306e\u307e\u307e\u3060\u3068\u4e0d\u90fd\u5408\u304c\u3042\u308b\u5834\u5408\u306f\u3001
\nWeb\u30d7\u30ed\u30c6\u30af\u30b7\u30e7\u30f3 \u2192 \u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u30aa\u30d7\u30b7\u30e7\u30f3\u306e\u300c\u8a73\u7d30\u300d\u30bf\u30d6\u3067\u30dd\u30fc\u30c8\u756a\u53f7\u306e\u5909\u66f4\u304c\u53ef\u80fd\u3067\u3059\u3002<\/p>\n
\"\"<\/a><\/p>\n
\u30e6\u30fc\u30b6\u8a8d\u8a3c\u306e\u8a2d\u5b9a<\/h2>\n
\u7279\u5b9a\u306e\u30e6\u30fc\u30b6\u306e\u307f\u306b\u30d7\u30ed\u30ad\u30b7\u306e\u5229\u7528\u3092\u8a31\u53ef\u3057\u305f\u3044\u5834\u5408\u306f\u30e6\u30fc\u30b6\u8a8d\u8a3c\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002
\nWeb\u30d7\u30ed\u30c6\u30af\u30b7\u30e7\u30f3 \u2192 Web\u30d5\u30a3\u30eb\u30bf\u30ea\u30f3\u30b0\u306e\u300c\u30b0\u30ed\u30fc\u30d0\u30eb\u300d\u30bf\u30d6\u304b\u3089\u8a2d\u5b9a\u3092\u884c\u3048\u307e\u3059\u3002
\n\u30aa\u30da\u30ec\u30fc\u30b7\u30e7\u30f3\u30e2\u30fc\u30c9\u306e\u300c\u30c7\u30d5\u30a9\u30eb\u30c8\u8a8d\u8a3c\u300d\u3092\u300c\u57fa\u672c\u30e6\u30fc\u30b6\u8a8d\u8a3c\u300d\u306b\u3057\u3066\u9069\u7528\u3092\u884c\u3044\u307e\u3059\u3002<\/p>\n
\"\"<\/a><\/p>\n
\u300c\u30dd\u30ea\u30b7\u30fc\u300d\u30bf\u30d6\u306b\u79fb\u52d5\u3057\u3001\u627f\u8a8d\u3059\u308b\u30e6\u30fc\u30b6\u3092\u8ffd\u52a0\u3057\u307e\u3059\u3002
\n\u4f8b\u3048\u3070admin\u30e6\u30fc\u30b6\u3067\u306e\u8a8d\u8a3c\u3092\u8a31\u53ef\u3059\u308b\u5834\u5408\u306f\u3001admin\u30e6\u30fc\u30b6\u3092\u8ffd\u52a0\u3057\u307e\u3059\u3002
\n\u300c\u30d5\u30a3\u30eb\u30bf\u30a2\u30af\u30b7\u30e7\u30f3\u300d\u3092\u8ffd\u52a0\u3057\u3066\u300cDefault content filter action\u300d\u3092\u9078\u629e\u3057\u3066\u4fdd\u5b58\u3057\u307e\u3059\u3002<\/p>\n
\"\"<\/a><\/p>\n
\u3053\u306e\u72b6\u614b\u306b\u306a\u308b\u3068\u30d7\u30ed\u30ad\u30b7\u5229\u7528\u6642\u306bID\u3068\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u5165\u529b\u3057\u306a\u3044\u3068\u30d7\u30ed\u30ad\u30b7\u304c\u5229\u7528\u3067\u304d\u306a\u3044\u3088\u3046\u306b\u306a\u308a\u307e\u3059\u3002<\/p>\n
\u691c\u8a3c<\/h2>\n
\u8a66\u3057\u306b\u30e6\u30fc\u30b6\u8a8d\u8a3c\u3068HTTPS\u30d7\u30ed\u30ad\u30b7\u306e\u30c6\u30b9\u30c8\u3092\u884c\u3044\u307e\u3059\u3002
\n\u5404\u30d6\u30e9\u30a6\u30b6\u3067HTTP\u30d7\u30ed\u30ad\u30b7\u3092\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n
${PUBLIC_IP}:8443<\/code><\/p>\n
\u4e0d\u6b63\u30a2\u30af\u30bb\u30b9\u9632\u6b62\u306e\u305f\u3081\u306b\u30dd\u30fc\u30c8\u3092\u5236\u9650\u3057\u3066\u3044\u308b\u5834\u5408\u306f\u3001\u524d\u56de\u3068\u540c\u69d8\u306b\u30dd\u30fc\u30c8\u30d5\u30a9\u30ef\u30fc\u30c9\u3092\u5fd8\u308c\u305a\u306b\u8a2d\u5b9a\u3057\u307e\u3059\u3002<\/p>\n
Sophos UTM \u3078\u306essh\u63a5\u7d9a\u304c\u8a31\u53ef\u3055\u308c\u305f\u30cd\u30c3\u30c8\u30ef\u30fc\u30af\u5185\u304b\u3089\u30dd\u30fc\u30c8\u30d5\u30a9\u30ef\u30fc\u30c9<\/p>\n
\nssh -i \/path\/to\/key -t -L 8443:localhost:8443 loginuser@${PUBLIC_IP}\n<\/pre>\n
Sophos UTM \u3078\u306e\u30dd\u30fc\u30c8\u756a\u53f78080\u901a\u4fe1\u304c\u8a31\u53ef\u3055\u308c\u305f\u30a4\u30f3\u30b9\u30bf\u30f3\u30b9\u306bssh\u63a5\u7d9a\u3057\u3066\u30dd\u30fc\u30c8\u30d5\u30a9\u30ef\u30fc\u30c9<\/p>\n
\nssh -i \/path\/to\/key -t -L 8443:${PRIVATE_IP}:8443 ec2-user@${EC2_HOST}\n<\/pre>\n
localhost:8443 \u307e\u305f\u306f 127.0.0.1:8443<\/code><\/p>\n
\u305d\u3057\u3066\u30dd\u30ea\u30b7\u30fc\u306b\u8ffd\u52a0\u3057\u305f\u30e6\u30fc\u30b6\u306eID\u3068\u30d1\u30b9\u30ef\u30fc\u30c9\u3092\u5165\u529b\u3057\u307e\u3059\u3002<\/p>\n
\u8a66\u3057\u306b\u4ee5\u4e0b\u306e\u30b5\u30a4\u30c8\u306b\u63a5\u7d9a\u3057\u307e\u3059\u3002<\/p>\n
https:\/\/www.yahoo.co.jp\/<\/a><\/p>\n
\u63a5\u7d9a\u3067\u304d\u305f\u3089\u6210\u529f\u3067\u3059\u3002<\/p>\n
\u7d42\u308f\u308a\u306b<\/h2>\n
\u4ee5\u4e0a\u306e\u3088\u3046\u306b Sophos UTM \u3092\u4f7f\u3048\u3070\u3001HTTPS\u30d7\u30ed\u30ad\u30b7\u306e\u5c0e\u5165\u3068\u30e6\u30fc\u30b6\u8a8d\u8a3c\u306e\u8a2d\u5b9a\u304c\u7c21\u5358\u306b\u8a2d\u5b9a\u3067\u304d\u307e\u3059\u3002
\n\u3053\u308c\u3092\u4f7f\u3046\u3053\u3068\u3067\u3001\u901a\u4fe1\u3092\u76e3\u8996\u3057\u3066\u30a6\u30a3\u30eb\u30b9\u30c1\u30a7\u30c3\u30af\u3092\u884c\u3046\u30bb\u30ad\u30e5\u30a2\u306aHTTPS\u30d7\u30ed\u30ad\u30b7\u304c\u7c21\u5358\u306b\u4f5c\u6210\u3067\u304d\u307e\u3059\u306e\u3067\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u306e\u5411\u4e0a\u306b\u691c\u8a0e\u3055\u308c\u3066\u306f\u3044\u304b\u304c\u3067\u3057\u3087\u3046\u304b\uff1f<\/p>\n
\u53c2\u8003\u6587\u732e<\/h2>\n
Astaro Security Gateway \u4e0a\u3067\u72ec\u81ea\u306e HTTPS Proxy CA \u8a3c\u660e\u66f8\u3092\u4f7f\u7528\u3059\u308b\u65b9\u6cd5 - Sophos Community<\/a>
\nSophos ASG\/UTM Web Protection (\u30d7\u30ed\u30ad\u30b7) CA \u306e\u5c0e\u5165\u65b9\u6cd5 - Sophos Community<\/a>
\nhttps:\/\/ja.wikipedia.org\/wiki\/\u516c\u958b\u9375\u8a3c\u660e\u66f8<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"
\u3053\u3093\u306b\u3061\u306f\u6a2a\u90e8\u3067\u3059\u3002
\n\u3053\u308c\u306fTECHSCORE Advent Calendar 2018\u306e12\u65e5\u76ee\u306e\u8a18\u4e8b\u3067\u3059\u3002<\/p>\n
\u524d\u56de\u306f Sophos UTM \u3092\u4f7f\u3063\u3066HTTP\u30d7\u30ed\u30ad\u30b7\u306e\u5c0e\u5165\u3092\u884c\u3044\u307e\u3057\u305f\u3002
\u7d9a\u304d\u3092\u8aad\u3080...<\/a><\/p>\n","protected":false},"author":27,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[308,312,18,84],"tags":[141,119,75],"_links":{"self":[{"href":"https:\/\/www.techscore.com\/blog\/wp-json\/wp\/v2\/posts\/19698"}],"collection":[{"href":"https:\/\/www.techscore.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.techscore.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.techscore.com\/blog\/wp-json\/wp\/v2\/users\/27"}],"replies":[{"embeddable":true,"href":"https:\/\/www.techscore.com\/blog\/wp-json\/wp\/v2\/comments?post=19698"}],"version-history":[{"count":35,"href":"https:\/\/www.techscore.com\/blog\/wp-json\/wp\/v2\/posts\/19698\/revisions"}],"predecessor-version":[{"id":20660,"href":"https:\/\/www.techscore.com\/blog\/wp-json\/wp\/v2\/posts\/19698\/revisions\/20660"}],"wp:attachment":[{"href":"https:\/\/www.techscore.com\/blog\/wp-json\/wp\/v2\/media?parent=19698"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.techscore.com\/blog\/wp-json\/wp\/v2\/categories?post=19698"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.techscore.com\/blog\/wp-json\/wp\/v2\/tags?post=19698"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}