class: center, middle, white, bg-black # Du SSL simple et gratuit .gray.large[<i class="fa fa-twitter fa-fw"></i>[@dlecan](https://twitter.com/dlecan) - #web2day] --- class: dlecan, center, middle Par # Damien Lecan <i class="fa fa-heart red fa-lg fa-fw"></i>Open Source - Web CTO @.red[[SQLI](http://www.sqli.com)] --- background-image: url(resources/https.png) --- # HTTPS par défaut ! -- <i class="fa fa-user-secret"></i> Protection contre le vol de données <i class="fa fa-google"></i> [SEO](http://googleonlinesecurity.blogspot.fr/2014/08/https-as-ranking-signal_6.html)</a> <i class="fa fa-html5"></i> API HTML5 <i class="fa fa-bolt"></i> HTTP/2 --- class: center, middle, white, bg-black # .x-large[<i class="fa fa-unlock red"></i> <i class="fa fa-long-arrow-right white"></i> <i class="fa fa-lock green"></i>] # <i class="fa fa-question-circle-o m-large"></i> --- class: center, middle -- Génération clé privée --     <i class="fa fa-check-square-o large green"></i> -- Génération CSR --     <i class="fa fa-check-square-o large green"></i> -- Envoi CSR + .orange[<i class="fa fa-dollar"></i><i class="fa fa-dollar"></i><i class="fa fa-dollar"></i>] auprès de votre fournisseur --     <i class="fa fa-check-square-o large green"></i> -- Réception certificat X.509 --     <i class="fa fa-check-square-o large green"></i> -- Configuration TLS + X509 + clé privée --     <i class="fa fa-check-square-o large green"></i> -- .large.green[It works!] --- class: center, middle  .large.red[Renouvellement du certificat ?] --- class: center, middle  .s-large[Gratuit, automatisé, ouvert] --- class: center, middle  .large[† Let's Encrypt (AC) + protocole ACME] --- # AC + protocole ACME + [Certbot](https://certbot.eff.org/) -- - Délivrer ou renouveller des certificats - Type <i/>DV</i> + extension SAN - Configurer des serveurs Web -- .green.s-large.center[Automatiquement et gratuitement] --- class: center, middle, bg-black, white # .blue[Démo time] <br/> .large[http.red[S]://web2day.dlecan.com] --- background-image: url(resources/le-sponsors.png) # Sponsors --- class: center, middle <div class="figure"> <iframe width="900" height="650" frameborder="0" scrolling="no" src="https://plot.ly/~letsencrypt/7.embed"></iframe> </div> --- # Limites majeures - Seul Apache est vraiment supporté - Nombreux efforts de la communauté - Serveurs <u>d'accès public uniquement</u> --- # Conclusion -- ## Ère du Web sécurisé par défaut -- ## Let's Encrypt : simple et gratuit --- class: bg-black, center, white, middle layout: false # .blue.title[Merci !]   .gray.large[<i class="fa fa-twitter fa-fw"></i>[@dlecan](https://twitter.com/dlecan) - #web2day] .footnote.left[Built with [remark](https://github.com/gnab/remark/)]