ESP32 Forum

Posted: **Wed Jul 22, 2020 9:26 pm**

Hi you all!
I'm currently working on Arduino IDE and need to:

- Update the firmware using HTTPS OTA.
- Verify the new firmware is signed by myself.

Currently I do the OTA firmware update using HTTP protocol and everything works fine. But in order to implement better security practices, and given that the device must be updated periodically, I need to make this work this way. I'm just starting to know how the Secure Boot feature works. Can you help me, guys? Any ideas are welcome!

Posted: **Thu Jul 23, 2020 5:11 am**

Hi Sombra,

ESP-IDF has support for both hardware secure boot and a simpler method where app digital signature is verified on OTA update.

However, I'm afraid you can't enable these options from Arduino IDE. Need to use ESP-IDF where you can edit the project configuration.

Angus

Posted: **Thu Jul 23, 2020 2:42 pm**

Thanks for your answer, Angus!
I understand. Is there a way to use both Arduino and ESP-IDF? Or do I need to migrate all all to ESP-IDF.

Greetings!

Posted: **Fri Jul 24, 2020 5:25 am**

There is a way to use the Arduino support as an ESP-IDF component:
https://github.com/espressif/arduino-es ... mponent.md

(This doc looks like it may be a little out of date for the latest ESP-IDF, but the approach is there.)

Posted: **Tue Jul 28, 2020 1:35 pm**

This will help me a lot, thanks, Angus!!

ESP32 Forum

Secure boot + HTTPS OTA firmware updates.

Secure boot + HTTPS OTA firmware updates.

Re: Secure boot + HTTPS OTA firmware updates.

Re: Secure boot + HTTPS OTA firmware updates.

Re: Secure boot + HTTPS OTA firmware updates.

Re: Secure boot + HTTPS OTA firmware updates.