We have a product with devices out in the wild. The hardware is a custom board running wroom32 module. It shipped using ADF with ESP-IDF v3.2.
The device has functionality to check for FW update with a server and then upgrade using esp_https_ota() function. A root CA certificate is included in the configuration for the OTA. This certificate has long since expired. I am now seeing some devices connecting to the server and failing to update because the SSL connection is not valid. The CA is Organization: Digital Signature Trust Co.Common Name: DST Root CA X3. The OTA firmware file is hosted on Firebase.
Code: Select all
E (7513) esp-tls: mbedtls_ssl_handshake returned -0x2700
I (7513) esp-tls: Failed to verify peer certificate!
I (7513) esp-tls: verification info: ! The certificate is not correctly signed by the trusted CA
I have two questions:
1. We own the domain name the device tries to download from. Can I configure a server somehow to work with this old expired certificate? (I don't care if it is not secure)
2. In general how does one prevent this situation from happening? It is not possible to guarantee that all devices sold will be OTA updated with new fw (and root CA certificates) in a timely fashion.
Thanks,
Felix