ESP32 OTA update firmware via HTTPS (code on platform)
Table of Contents
- ESP32 OTA firmware update via HTTPS (coded on platform)
- 1. Introduction to OTA technology
- 2. Introduction to this chapter
- 3. HTTPS OTA update process
-
- 3.1, HTTP OTA update process
- 3.2. HTTPS OTA update process
- 4. Implementation of HTTPS OTA
-
- 4.1. Write the firmware to be updated
- 4.2. Store the firmware to be updated on the Amazon S3 storage bucket. (firmware. bin)
- 4.2. Obtain Amazon S3 website certificate
- 4.3. Write HTTPS OTA update firmware program
- 4.4. Write the program, compile it, burn it into the ESP32 and press the reboot button to start the OTA update.
- 5. Questions
-
- 5.1 Problem 1: The certificate is wrong
- 5.2 Problem 2: The firmware can be downloaded, but the update still fails
1. Introduction to OTA technology
OTA: Over-the-Air Technology, literally means: over-the-air download technology.
OTA online upgrade: A way to realize product software update through OTA.
To put it simply, it is to update the firmware of esp32 through wireless, instead of updating the firmware through the traditional connecting data line.
2. Introduction to this chapter
The purpose of writing this article is to introduce a method of ESP32 OTA firmware update – update via HTTPS, this article is carried out under the environment of vscode + platform , refer to this article for the download method.
ESP32 PlatformIO IDE Installation Tutorial
3. HTTPS OTA update process
3.1, HTTP OTA update process
Before you know the HTTPS OTA update process, you must know the HTTP OTA update process.
①.Connect ESP32 to AP. e.g. mobile hotspot
②. Build the firmware to be updated on the PC.
③. Upload the .bin file to the server.
④. ESP32 automatically downloads.
3.2, HTTPS OTA update process
The only difference between HTTPS and HTTP is that the HTTPS protocol is a network protocol constructed by the SSL/TLS + HTTP protocol that can perform encrypted transmission and identity authentication. It is safer than the HTTP protocol, so you need to obtain a website certificate to perform OTA updates through HTTPS.
4. Implementation of HTTPS OTA
4.1, Write the firmware to be updated
In order to ensure that the updated firmware can run normally and the updated effect can be seen, we write a flashing program. (First compile and burn to ESP32 to see the effect)
Note: First configure which light to flash in the platformio.ini file.
My configuration (LED):
[env:esp32cam] platform = espressif32 board = esp32cam framework = arduino monitor_speed = 115200 build_flags= ; https://docs.espresslf.com/projects/esp-dif/en/latest/get-started/get-started-wrover-kit.html#rgb-led -D LED_BUILTIN=4 lib_deps = yoursunny/esp32cam@^0.0.20221229
ESP32 flash program
Effect: The interval between LED light on and off is 1s.
#include <Arduino.h> // Set LED_BUILTIN if it is not defined by Arduino framework // #define LED_BUILTIN 2 void setup() { // initialize LED digital pin as an output. pinMode(LED_BUILTIN, OUTPUT); } void loop() { // turn the LED on (HIGH is the voltage level) digitalWrite(LED_BUILTIN, HIGH); // wait for a second delay(1000); // turn the LED off by making the voltage LOW digitalWrite(LED_BUILTIN, LOW); // wait for a second delay(1000); }
4.2. Store the firmware to be updated on the Amazon S3 storage bucket. (firmware. bin)
Amazon is divided into international regions and China regions. I have tried to read files even if the permissions are set to everyone in the China region. The reason is that you need to contact AWS after-sales support for ICP filing before using S3 in the China region. So I put the firmware on the S3 in the international zone.
4.2. Obtain Amazon S3 website certificate
You can use openssl to obtain website certificates.
openssl is an open source software library package that can be used by applications to communicate securely, avoid eavesdropping, and confirm the identity of the other end of the connection. This package is widely used on web servers on the Internet.
Use openssl to view website certificate
4.3, write HTTPS OTA update firmware program
After the above-mentioned things to be prepared are ready, you can start writing the program to update the firmware.
To add WiFi name, WiFi password and obtained certificate to the code.
// This sketch provide the functionality of OTA Firmware Upgrade #include "WiFi.h" #include "HttpsOTAUpdate.h" #include "esp_ota_ops.h" // This sketch shows how to implement HTTPS firmware update Over The Air. // Please provide your WiFi credentials, https URL to the firmware image and the server certificate. static const char *ssid = "your-ssid"; // your network SSID (name of wifi network) static const char *password = "your-password"; // your network password static const char *url = "https://example.com/firmware.bin"; //state url of your firmware image static const char *server_certificate = "-----BEGIN CERTIFICATE-----\ " \ "MIIESTCCAzGgAwIBAgITBn + UV4WH6Kx33rJTMlu8mYtWDTANBgkqhkiG9w0BAQsF\ " \ "ADA5MQswCQYDVQQGEwJVUzEPMA0GA1UEChMGQW1hem9uMRkwFwYDVQQDExBBbWF6\ " \ " "b24gUm9vdCBDQSAxMB4XDTE1MTAyMjAwMDAwMFoXDTI1MTAxOTAwMDAwMFowRjEL\ " \ " "MAkGA1UEBhMCVVMxDzANBgNVBAoTBkFtYXpvbjEVMBMGA1UECxMMU2VydmVyIENB\ " \ " "IDFCMQ8wDQYDVQQDEwZBbWF6b24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK\ " \ " "AoIBAQDCThZn3c68asg3Wuw6MLAd5tES6BIoSMzoKcG5blPVo + sDORrMd4f2AbnZ\ " \ "cMzPa43j4wNxhplty6aUKk4T1qe9BOwKFjwK6zmxxLVYo7bHViXsPlJ6qOMpFge5\ " \ "blDP + 18x + B26A0piiQOuPkfyDyeR4xQghfj66Yo19V + emU3nazfvpFA + ROz6WoVm\ " \ "B5x + F2pV8xeKNR7u6azDdU5YVX1TawprmxRC1 + WsAYmz6qP + z8ArDITC2FMVy2fw\ " \ "0IjKOtEXc/VfmtTFch5 + AfGYMGMqqvJ6LcXiAhqG5TI + Dr0RtM88k + 8XUBCeQ8IG\ " \ "KuANaL7TiItKZYxK1MMuTJtV9IblAgMBAAGjggE7MIIBNzASBgNVHRMBAf8ECDAG\ " \ " "AQH/AgEAMA4GA1UdDwEB/wQEAwIBhjAdBgNVHQ4EFgQUWaRmBlKge5WSPKOUByeW\ " \ " "dFv5PdAwHwYDVR0jBBgwFoAUhBjMhTTsvAyUlC4IWZzHshBOCggwewYIKwYBBQUH\ " \ "AQEEbzBtMC8GCCsGAQUFBzABhiNodHRwOi8vb2NzcC5yb290Y2ExLmFtYXpvbnRy\ " \ " "dXN0LmNvbTA6BggrBgEFBQcwAoYuaHR0cDovL2NydC5yb290Y2ExLmFtYXpvbnRy\ " \ "dXN0LmNvbS9yb290Y2ExLmNlcjA/BgNVHR8EODA2MDSgMqAwhi5odHRwOi8vY3Js\ " \ "LnJvb3RjYTEuYW1hem9udHJ1c3QuY29tL3Jvb3RjYTEuY3JsMBMGA1UdIAQMMAow\ " \ " "CAYGZ4EMAQIBMA0GCSqGSIb3DQEBCwUAA4IBAQCFkr41u3nPo4FCHOTjY3NTOVI1\ " \ " "59Gt/a6ZiqyJEi + 752 + a1U5y6iAwYfmXss2lJwJFqMp2PphKg5625kXg8kP2CN5t\ " \ "6G7bMQcT8C8xDZNtYTd7WPD8UZiRKAJPBXa30/AbwuZe0GaFEQ8ugcYQgSn + IGBI\ " \ "8/LwhBNTZTUVEWuCUUBVV18YtbAiPq3yXqMB48Oz + ctBWuZSkbvkNodPLamkB2g1\ " \ "upRyzQ7qDn1X8nn8N8V7YJ6y68AtkHcNSRAnpTitxBKjtKPISLMVCx7i4hncxHZS\ " \ "yLyKQXhw2W2Xs0qLeC1etA + jTGDK4UfLeC0SF7FSi8o5LL21L8IzApar2pR/\ " \ "-----END CERTIFICATE-----"; static HttpsOTAStatus_t otastatus; void HttpEvent(HttpEvent_t *event) { switch(event->event_id) { case HTTP_EVENT_ERROR: Serial.println("Http Event Error"); break; case HTTP_EVENT_ON_CONNECTED: Serial.println("Http Event On Connected"); break; case HTTP_EVENT_HEADER_SENT: Serial.println("Http Event Header Sent"); break; case HTTP_EVENT_ON_HEADER: Serial.printf("Http Event On Header, key=%s, value=%s\ ", event->header_key, event->header_value); break; case HTTP_EVENT_ON_DATA: break; case HTTP_EVENT_ON_FINISH: Serial.println("Http Event On Finish"); break; case HTTP_EVENT_DISCONNECTED: Serial.println("Http Event Disconnected"); break; } } void setup(){ Serial.begin(115200); Serial.print("Attempting to connect to SSID: "); WiFi.begin(ssid, password); // attempt to connect to Wifi network: while (WiFi. status() != WL_CONNECTED) { Serial. print("."); delay(1000); } Serial. print("Connected to "); Serial.println(ssid); HttpsOTA.onHttpEvent(HttpEvent); Serial.println("Starting OTA"); HttpsOTA.begin(url, server_certificate); Serial.println("Please Wait it takes some time..."); } void loop(){ otastatus = HttpsOTA.status(); if(otastatus == HTTPS_OTA_SUCCESS) { Serial.println("Firmware written successfully. To reboot device, call API ESP.restart() or PUSH restart button on device"); ESP.restart(); } else if(otastatus == HTTPS_OTA_FAIL) { Serial.println("Firmware Upgrade Fail"); } delay(1000); }
4.4. Write the program, compile it, burn it into the ESP32 and press the reboot button to start the OTA update.
5. Question
I encountered many problems in the process of implementing this, and I wrote it down in the article for a record.
5.1 Question 1: Incorrect certificate
If the obtained certificate is incorrect, the running result will directly display an error, so the certificate must be correct.
5.2 Question 2: The firmware can be downloaded, but the update still fails
The error code I got back: ESP_ERR_OTA_PARTITION_CONFLICT
The reason is: the partition maintains the correct running firmware and cannot be updated to this place.
For other error codes, see Error Code.
To solve this problem, we need to know how the ESP32 is partitioned.
ESP32-Flash partition, based on PlatfromIO-Arduino
We add the partition.csv file to the project and add a partition ota_1 to solve the problem.
# Name Type SubType Offset Size Flags nvs, data, nvs, 0x9000, 0x5000 otadata, data, ota, 0xe000, 0x2000 app0, app, ota_0, 0x10000, 0x140000 app1, app, ota_1, 0x150000, 0x140000 spiffs, data, spiffs, 0x290000, 0x170000
References
[ESP32] Turn on the LED light:
https://blog.csdn.net/weixin_52636248/article/details/125350613
Use VScode to develop ESP32, PlatformIO to develop ESP32:
https://blog.csdn.net/qlexcel/article/details/121527415
esp32 learning – build idf development environment by hand:
https://blog.csdn.net/zppsky_123/article/details/122605515
ESP32-Flash partition, based on PlatfromIO-Arduino:
https://blog.csdn.net/liahfdsaf/article/details/119010732
ESP-IDF teaching of ESP32 (thirteen) – Partition table:
https://blog.csdn.net/m0_50064262/article/details/122279800
Brief analysis of esp32 Flash partition and OTA function:
https://blog.csdn.net/abc517789065/article/details/79891568
Firmware updater:
https://github.com/espressif/arduino-esp32/tree/master/libraries/Update/examples/HTTPS_OTA_Update
Returned error code:
https://www.cnblogs.com/shengxiaoose/p/16499012.html