I can't generate the certificate for simple_ota_example. The msys2 printed this info:
Filip@DESKTOP-39581H3 MINGW32 /home/filip/esp/esp-idf/examples/get-started/hello_world/build
$ openssl req -x509 -newkey rsa:2048 -keyout ca_key.pem -out ca_cert.pem -days 365
Can't load C:\msys32\home\Filip/.rnd into RNG
23020:error:2406F079:random number generator:RAND_load_file:Cannot open file:../openssl-1.1.1/crypto/rand/randfile.c:88:Filename=C:\msys32\home\Filip/.rnd
Generating a RSA private key
.........................+++++
.........................................................................................+++++
Generate self-signed certificate and key in OTA.
-
- Posts: 10
- Joined: Tue Jun 25, 2019 1:28 am
Re: Generate self-signed certificate and key in OTA.
I have the same problem too. Is there any solution please?
Thanks.
Simon Leung
Thanks.
Simon Leung
Re: Generate self-signed certificate and key in OTA.
Try to instal opensll in version 1.0.2 and run it from console not msys.
-
- Posts: 10
- Joined: Tue Jun 25, 2019 1:28 am
Re: Generate self-signed certificate and key in OTA.
you may try this for Windows user:
winpty openssl req -x509 -newkey rsa:2048 -keyout ca_key.pem -out ca_cert.pem -days 365 -nodes
winpty openssl req -x509 -newkey rsa:2048 -keyout ca_key.pem -out ca_cert.pem -days 365 -nodes
Re: Generate self-signed certificate and key in OTA.
Just run opensll and enter this command: req -x509 -newkey rsa:2048 -keyout ca_key.pem -out ca_cert.pem -days 365
-
- Posts: 10
- Joined: Tue Jun 25, 2019 1:28 am
Re: Generate self-signed certificate and key in OTA.
Hi filipESP:
I tried to use openssl 1.0.2. for both the certificate and the local server. When I run the simple_ota_example, there is an error message "esp-tls:Failed to connect to host (errno 113)".
If I use the openssl in mintty and type in
winpty openssl req -x509 -newkey rsa:2048 -keyout ca_key.pem -out ca_cert.pem -days 365 –nodes for the certificate
then
winpty openssl s_server -WWW -key ca_key.pem -cert ca_cert.pem -port 8070 for the local server
It seems the connection of ESP32 and the local server is ok and the bin file is downloaded without any problem. However there is an error message related to segment length and the firmware upgrades failed. Below is a capture of the message from the mintty platform.
I (3759) simple_ota_example: Connect to Wifi ! Start to Connect to Server....
I (5849) esp_https_ota: Starting OTA...
I (5849) esp_https_ota: Writing to partition subtype 16 at offset 0x110000
I (6049) esp_https_ota: esp_ota_begin succeeded
I (6049) esp_https_ota: Please Wait. This may take time
I (6059) esp_https_ota: Connection closed,all data received
I (6069) esp_image: segment 0: paddr=0x00110020 vaddr=0x3f400020 size=0x07518 ( 29976) map
E (6089) esp_image: invalid segment length 0xffffffff
E (6089) esp_https_ota: Error: esp_ota_end failed! err=0x5379. Image is invalid
E (6099) simple_ota_example: Firmware Upgrades Failed
Do you have any idea about what's wrong with what I have entered?
I tried to use openssl 1.0.2. for both the certificate and the local server. When I run the simple_ota_example, there is an error message "esp-tls:Failed to connect to host (errno 113)".
If I use the openssl in mintty and type in
winpty openssl req -x509 -newkey rsa:2048 -keyout ca_key.pem -out ca_cert.pem -days 365 –nodes for the certificate
then
winpty openssl s_server -WWW -key ca_key.pem -cert ca_cert.pem -port 8070 for the local server
It seems the connection of ESP32 and the local server is ok and the bin file is downloaded without any problem. However there is an error message related to segment length and the firmware upgrades failed. Below is a capture of the message from the mintty platform.
I (3759) simple_ota_example: Connect to Wifi ! Start to Connect to Server....
I (5849) esp_https_ota: Starting OTA...
I (5849) esp_https_ota: Writing to partition subtype 16 at offset 0x110000
I (6049) esp_https_ota: esp_ota_begin succeeded
I (6049) esp_https_ota: Please Wait. This may take time
I (6059) esp_https_ota: Connection closed,all data received
I (6069) esp_image: segment 0: paddr=0x00110020 vaddr=0x3f400020 size=0x07518 ( 29976) map
E (6089) esp_image: invalid segment length 0xffffffff
E (6089) esp_https_ota: Error: esp_ota_end failed! err=0x5379. Image is invalid
E (6099) simple_ota_example: Firmware Upgrades Failed
Do you have any idea about what's wrong with what I have entered?
-
- Posts: 10
- Joined: Tue Jun 25, 2019 1:28 am
Re: Generate self-signed certificate and key in OTA.
It is ok now if I use OpenSSL 1.0.2d.
-
- Posts: 6
- Joined: Sun Sep 08, 2019 1:56 pm
Re: Generate self-signed certificate and key in OTA.
I have the same problem, how can you solve it?Simon Leung wrote: ↑Mon Sep 23, 2019 9:37 amHi filipESP:
I tried to use openssl 1.0.2. for both the certificate and the local server. When I run the simple_ota_example, there is an error message "esp-tls:Failed to connect to host (errno 113)".
If I use the openssl in mintty and type in
winpty openssl req -x509 -newkey rsa:2048 -keyout ca_key.pem -out ca_cert.pem -days 365 –nodes for the certificate
then
winpty openssl s_server -WWW -key ca_key.pem -cert ca_cert.pem -port 8070 for the local server
It seems the connection of ESP32 and the local server is ok and the bin file is downloaded without any problem. However there is an error message related to segment length and the firmware upgrades failed. Below is a capture of the message from the mintty platform.
I (3759) simple_ota_example: Connect to Wifi ! Start to Connect to Server....
I (5849) esp_https_ota: Starting OTA...
I (5849) esp_https_ota: Writing to partition subtype 16 at offset 0x110000
I (6049) esp_https_ota: esp_ota_begin succeeded
I (6049) esp_https_ota: Please Wait. This may take time
I (6059) esp_https_ota: Connection closed,all data received
I (6069) esp_image: segment 0: paddr=0x00110020 vaddr=0x3f400020 size=0x07518 ( 29976) map
E (6089) esp_image: invalid segment length 0xffffffff
E (6089) esp_https_ota: Error: esp_ota_end failed! err=0x5379. Image is invalid
E (6099) simple_ota_example: Firmware Upgrades Failed
Do you have any idea about what's wrong with what I have entered?