Jim's Depository

ESP32 OTA updates using HTTP instead of HTTPS

The ESP32 HTTPS over the air update mechanism requires you to know the SSL certificate used by the web server. This is problematic in a letsencrypt, fast expiring certificate world, but also for devices which will be deployed for long time frames.

It is possible to disable the SSL using the CONFIG_OTA_ALLOW_HTTP option. The SDK will tell you this should only be used for development, but if you also used signed firmware it is safe for deployed use.

Rather than protect the pipe the firmware traverses and blindly accepting anything coming down that pipe, you will instead not trust the pipe and validate the firmware as it arrives.

See the Secure OTA Updates Without Secure boot section. In a nutshell, you will make a private signing key and the OTA updates will be checked against that key.

Notes Thee Well!

If your firmware itself is sensitive, then don't do this. It can be snooped in transit. On the other hand, in the regular HTTPS scheme there is a URL which provides a copy of your firmware, so you are probably already working on something for that.

2023	June	1
	January	1
2022	December	1
	November	2
	June	1
	April	2
2021	September	1
	August	1
	March	4
2020	November	12
2015	August	1
	June	1
	April	2
	February	2
	January	3
2014	December	1
	November	1
2013	February	1
	January	4
2012	December	1
	November	1
	October	1
	June	1
	May	1
	March	1
	February	1
2011	May	2
	March	2
	January	2
2010	December	2
	November	2
	October	2
	September	1
	July	1
	June	4
	May	1
	March	4
2009	September	2
	August	1
	July	4