Page 1 of 1

How to do a secure OTA?

Posted: Sat Feb 23, 2019 4:30 am
by fmuller-pi

ESP example in their SDK shows an OTA example working with a simple HTTP local server and a GET request example.
I would like to implement a process that is more secure (HTTPS, or else?). I am working with Google Cloud as my IoT solution to store my firmware bin images.
Does anyone have a way of doing this using their ESP8266_RTOS_SDK? I'm open to any viable suggestion.


Re: How to do a secure OTA?

Posted: Mon Feb 25, 2019 8:29 am
by fmuller-pi

I have looked at the example of ota https for the ESP32, but it doesn't seem easy to port over to the ESP8266 RTOS SDK because there are lots and lots of differences between the 2 SDKs...

I wish Espressif had implemented a HTTPS for ota on the ESP8266.....

Anyone has done it before though??

Re: How to do a secure OTA?

Posted: Tue Feb 26, 2019 8:18 am
by AgentSmithers
Hi FMuller! I wanted to chime in again to at least let you there are eyes on your post. I'm running up for implementing SSL for the 8266 here pretty shortly as I recall there are a few API calls that are needed and an SSL Base64key needing to be injected into the C Source code. I may be wrong on this topic but like I said in the next week or so I'll be tackling this myself. (Again sadly I'll be doing it with NONOS SDK)

Re: How to do a secure OTA?

Posted: Thu Feb 28, 2019 3:39 am
by fmuller-pi
Thanks for the help Agent!

At that point, I am still trying to resolve my issue. I am trying to create a secure connection following the example in Openssl_Client, but so far I have not been able to connect successfully to my google cloud bucket...
One of the first issues I am bumping into is that at the line:

Code: Select all

http_connect_flag = connect(socket_id, (struct sockaddr *)&sock_info, sizeof(sock_info));

This returns errno 113 and I don't know why so far...