ESP32 OTA via HTTPS
Вставка
- Опубліковано 26 жов 2018
- How to perform OTA (Over-The-Air) updates of the firmware running on your esp32 IoT project using only componenents included in the esp-idf framework.
Link to my blog:
www.lucadentella.it/en/2018/10...
Link to my Github repository for the code:
github.com/lucadentella/esp32... - Наука та технологія
Thank you so much for posting this! I am glad to finally find someone who explained well, and thanks again for the code!
Thankyou very much. Greetings from New Zealand. Loved your explanation. You made what seemed to me to be very complex- to be actually not so complex.
And thankyou for sharing the code as well. Thanks to you I am OTA-ing! I have incorporated it as a component that I can shove into any wifi enabled project. Thanks again for taking time to share.
Wonderful tutorial. Well done Luca & thanks a lot for sharing all your projects. Now I have some reading for my Xmass vacations.
Grazie per il video. Molto utile come, d'altronde, il resto delle sue pubblicazioni
Clear and well explained, thank you!
Wonderful tutorial, Luca! I am very surprised to see an RTOS-IDE example, while the whole internet is intoxicated by the tons of Arduino examples.
Thanks Alexandru! As you wrote, I didn't want to write "yet another arduino tutorial" so I made these ones using only the esp-idf fw
Grande! molto chiaro ed utile
brilliant tutorials
Complimenti, ottimo video, molto utile!!
grazie mille!
Hello Luca , how do you used step by step debugging for esp32
Hello! Thank you so much for sharing all this information. I am stuck in 1:43 can you explain how to set up the server. You have a .bin file link in the CPanel and In the code you are using a .json file. Can you please explain the steps in between these.
I followed esp32 simple ota example.openssl gives .rnd file not found
Hi Luca, Thank you for your great tutorials...... Since we are configuring the partition as an "OTA", how we can use OTA with the custom partition of the SPIFFS?
Another question, if the website is an HTTP (not HTTPS) is the library still works?
Hi Amir! Thanks for your comment! With OTA you change the content of "app" partitions, it doesn't touch other partitions (SPIFFS, FAT...). If you want to upgrade also the SPIFFS content, you have to do it in your code (or use pre-made components). And no, the OTA component included in the framework requires HTTPS (for security reasons).
Thabks for this!
I love you! 😁 Thankssssssssssssss!
You’re my Hero.
;) thanks
Incredible.
You are a Gem... 👍👍👍
thanks!
Great example! Any chance we can do OTA using Dropbox? i.e. we put new bin and json file in a Dropbox folder and make the ESP32 get it from there?
Hi! I think it should work... I'm not an expert of Dropbox: is it possible to have a direct link to a file? If not, the code could be more complex because of the need of multiple calls to get the file content
I am trying esp idf simple ota example.
But i am getting error
OTA image invalid magic byte
How to solve this ?
Thank you
Good day Luca, How can we begin the OTA process in Http without having/passing any certificates?
Hi! You can't, at least using the component included in the framework. Of course you can program your own component/OTA routine or try to change the existing one (it's opensource after all...)
Hello Luca. Have you ever tried out to do OTA updates with ssl + mutual authentication ?
Hi, at the moment it seems that the http_client used by the OTA component does not support mutual authentication
Dear @@lucadentella , thank you for your response. Have a nice day and keep up the good work !!!
Hi! It seems that the latest version of esp_http_client DOES include the SSL mutual authentication! Let's give it a try:
docs.espressif.com/projects/esp-idf/en/latest/api-reference/protocols/esp_http_client.html#structesp__http__client__config__t
Buenas Luca! Thank you for your video. It is really helpfully. Could you explain a bit more certificate generation part? Which is this process for netsons hosting that are you using at the example? Great job! thanks in advance.
Hi! Netsons provides a way (from the admin console) to generate SSL certificates for your hosted websites: you normally don't need to generate them manually. You only need to download it and pass to you code for validation
Hi. what about we reset mcu? it last firmware from memory or get new firmware on every boot?
Of course it takes the current firmware after a reset
Thanks from bangladesh.
hi can u help me to do this project
Thank for your tutorial.
I wish to put the binary file on my repository at github.com. How can I get certs.pem file ? Can I use your file ?
you should be able to download certificate bundle from Github
@@lucadentella Can you help me how to download them ?
Too good ...........
Luca, it possible to do on platformio?
sure, platform.io is an IDE, just make sure you're using the esp-idf framrwork and not the esp32-arduino
Just so that others are not confused, it is platformio.org (platform.io is something else) :-)
Thanks for your video. Grazie mille.
How can I make file .bin? With the IDE Arduino?
Best regards
No, you need the esp-idf framework... see esp-idf.readthedocs.io/ to install and configure it
@@lucadentella Is there similar OTA mechanism (over HTTPS and that would work from outside of home network) that would be working with Arduino IDE? I have a lot of other stuff already on Arduino IDE/C++ and need this type of OTA, rewriting all for ESP-IDF/C is way too much work. Or maybe there is a way to somehow have this OTA mechanism work with the rest of code made in Arduino IDE? Thank you!
@@VitalyStockman Got the same problem. Have you found a solution?
@@NickName-ck2hy yes, we use this library. Allows to do OTA from anywhere over the internet. Using Arduino IDE. Here is the library: github.com/arvindr21/esp32-ota-https
@@VitalyStockman thanks :)
Hi. thank you for tutorial. Unofrtunately I have been using Arduino IDE for compiling sketches for ESP32. I made litlle modification to be able to compile, but even uploading succesfully (after defining the const * char server_cert) the code is unable to show it is executing. Can you make a tutorial to show steps and method you use for compiling this code , and uploading please?
Hi, my tutorials are based on the "pure" esp32 framework, not designed to be used with Arduino IDE (on the Internet there are a lot of good tutorials for that, for example check randomnerdtutorial website)
Bellissimo video potresti rifarlo in italiano magari anche l’altro in seguito quello che spiega come downgreadare ad una versione vecchia sei un grande subito inscritto
Ciao Calogero, grazie per il commento.. questo video è relativo ad un tutorial di ormai quattro anni fa... puoi trovare il relativo articolo in italiano sul mio blog
Thank you sir.
But json file is getting downloaded, the rcv_buffer is empty always. Any solution please.Thank you sir.
Hi, can you better explain your issue? share your code maybe?
It looks very nice, Do you think it would run over ESP8266?
not using this exact code because it's based on the esp32 framework but I was able to find on the Internet several examples about how to perform OTA with ESP8266 (one is gist.github.com/igrr/24dd2138e9c8a7daa1b4)
Wow! Great Video.
Can I not export a bin file from Arduino IDE and do this procedure?
sorry my tutorials are NOT for Arduino but for the esp-idf framework... I
Anyway I found that esp32-arduino is shipped with OTA examples, give them a try: lastminuteengineers.com/esp32-ota-web-updater-arduino-ide/
@@lucadentella Hi, Thanks for the quick reply, I found that this tutorial is for local use and yours helps remotely upload sketches.
Also, I see no difference in that tutorial and yours except that you're using CLI for the same tasks.
So, exporting a bin from Arduino IDE should work too!
Thanks a lot for your detailed idea, will let you know the results!
Can i do this with GSM Module?
if it provides internet connection, I think it should work (you'd probably change something in the HTTPclient part because I think it assumes a wifi connection)
what to code in ESP ?
hi, code is in my github repo, check the video description
Beautifully Done !
Bravo !
Do I have permission to use this code in my projects ?
sure!
@@lucadentella Is there an easy way to convert all the code to Arduino Compiler ?
cmake is not very user friendly :(
@@shakaibsafvi97 for Arduino I found - not tested! - ready-to-use OTA libraries
You can use all the esp-IDF functions and libraries in arduino if you have installed esp32 board support in your arduino ide. All the esp32-arduino libraries and functions are based on esp-idf hal.
hello there... In original ESP-IDF OTA examples, there is only connection to .bin file on webserver (or some net location).
That mean, board will download it each time in "loop"? How it know, that bin file changed or not? Or I am not understand it correctly? You have made .json file where you put version 0.2, 0.1 etc.. and if it is difference, it will download bin file and run it..
github.com/espressif/esp-idf/tree/master/examples/system/ota
Edit: 2 hours later......
Oh yes... I understand it now. But i cannot compile your code, because it is old with Makefile and make command isnt working on my ESP-IDF 3.3. I dont know how to install it correctly to support toolchain and other dependencies...
How you downloaded certifivcate bundle from gthub?
@@junaidahmed-kc6li you don't need to download it. You have already it in your ESP-IDF. You need only to use it.
I am getting the error "downloaded file is not a valid json". Also if the rcv_buffer is empty at start of the code, it will always return NULL. Isn't it?
Hi, are you using my example? Or a file hosted by you?
@@lucadentella i tried using both
@@MuhammadAwais-cf5vr I've just tested my example and it works for me... are you sure your devboard is correctly connected to the Internet?
@@lucadentella yes my board is connected. When i print the rcv_buffer it shows the result but not parsing the json.
Can I use aws as web hosting service ? what do you suggest?
I never tested aws hosting service but as long as it is a "standard" https service it should work
@@lucadentella grazie mille luca.. una volta creato domimio e associato server su netsons dove trovo la gui pe rinserire il json . .? grazie ..
Inoltre ho questo warning nel cpanel Primary Domain (Self-Signed Certificate) .. come posso risolvere ? Grazie
@@simonegasparella1228 io apro il cPanel del servizio hosting e da li uso la funzione Gestione file per editare come indicato nel videotutorial
@@simonegasparella1228 per il warning non saprei dirti, a me non appare ma on sono sicuramente un esperto di netsons, puoi provare con il loro supporto tecnico
@@lucadentella ho risolto grazie mille..
How to update via bluetooth on ESP32?
Sparkfun has a great tutorial about it: learn.sparkfun.com/tutorials/esp32-ota-updates-over-ble-from-a-react-web-application/all
I think I found a security risk. The code only checks for authentication (using the certificate) while calling the "esp_https_ota" function. But the code does not check for authentication while downloading the JSON file. That is enough for a man-in-the-middle-attack, right?
For example, an attacker could use DNS spoofing to redirect you to his own JSON file, pointing you to the address of his own malicious binary file. As long as his binary file is hosted on a legit domain with the SAME ROOT CERTIFICATE as the legit binary file's domain, the second authentication check will not detect the deception.
you're right, in a real application you should perform additional checks (maybe also digitally sign the firmware)
any way to upload Spiffs via OTA??
sure! it's quite easy to download a file and store it to SPIFFS... you can find several examples with Google
@@lucadentella checked everywhere I couldn't find a genuine result! Can someone please share a link or code?
@@shamilyazeen4062 This library should be able to do what you're looking for: github.com/chrisjoyce911/esp32FOTA and check also this forum thread esp32.com/viewtopic.php?t=3775
@@lucadentella Thanks Luca . I will check it out :)
ok but how do you do to set the wifi password and name ? i mean, i want to give prototype to friends of mine and do ota to update the firmware, but they need to put their own wifi etc ... explain to me please
@pigeonramier6898 you probably need to include a wifi manager in your program, so that your friends can configure their wifi settings by their own... like tasmota or other firmwares normally do
@@lucadentella what I don't technically understand is the programme , it's like, we can put several program into the esp ? I use Arduino ide but when I put something inside it erase the past program, for exemple when load blink exemple then an other exemple program, it keep the new one and remove the other one so how can I load a wifi manager + a OTA program ?
@pigeonramier6898 you have to include the wifi manager in your program... if you're using arduino, it's very easy (include the library, add the required code in your setup). This is not a tutorial about esp32 and arduino but on UA-cam you can find several videos about that
Thanks for a great tutorial. Can you recommend alternatives to netsons.co.?
I normally use italian companies (tophost, aruba...) but any hosting providers should do the job...
How to solve certificate issue?
which issue?
@@lucadentella i am facing handshake issue mdtls handshake issue... please do upload one video on it please.......
did you solve?@@muhammadsharjeel4941
excellent explanation. Thanks for the upload