Hello mr.Dzhest.
I believe that you are right !! I'll test it later when I'll deal with OTA and when I get the results I'll let you know in this post.
Best regards, Kostas
HTTPS OTA with Basic Authorization
Re: HTTPS OTA with Basic Authorization
From here https://docs.espressif.com/projects/esp ... ta-updates
Then isn't it absolutely mandatory that we at least implement basic auth? If not, something more secure like the aforementioned certificate based auth?
Which sounds to me like the binary is downloaded unencrypted and then encrypted while being written to flash.OTA updates to encrypted partitions will automatically write encrypted, as long as the esp_partition_write function is used.
Then isn't it absolutely mandatory that we at least implement basic auth? If not, something more secure like the aforementioned certificate based auth?
Re: HTTPS OTA with Basic Authorization
Basic auth works just fine in esp-idf 3.2+ as long as you encode your username/password in the url as follows :
https://user:password@myotaserver.com/m ... rmware.bin
Instructions to set up apache for basic auth :
https://cwiki.apache.org/confluence/dis ... dBasicAuth
https://user:password@myotaserver.com/m ... rmware.bin
Instructions to set up apache for basic auth :
https://cwiki.apache.org/confluence/dis ... dBasicAuth
Who is online
Users browsing this forum: Google [Bot] and 336 guests