HTTPS OTA with Basic Authorization

k.ifantidis
Posts: 33
Joined: Wed Mar 28, 2018 6:58 am

Re: HTTPS OTA with Basic Authorization

Postby k.ifantidis » Fri Nov 16, 2018 8:39 am

Hello mr.Dzhest.
I believe that you are right !! I'll test it later when I'll deal with OTA and when I get the results I'll let you know in this post.

Best regards, Kostas

uberthoth
Posts: 6
Joined: Tue Jun 11, 2019 4:06 am

Re: HTTPS OTA with Basic Authorization

Postby uberthoth » Tue Jun 11, 2019 8:54 pm

From here https://docs.espressif.com/projects/esp ... ta-updates
OTA updates to encrypted partitions will automatically write encrypted, as long as the esp_partition_write function is used.
Which sounds to me like the binary is downloaded unencrypted and then encrypted while being written to flash.

Then isn't it absolutely mandatory that we at least implement basic auth? If not, something more secure like the aforementioned certificate based auth?

User avatar
billiam
Posts: 5
Joined: Tue Jul 24, 2018 8:20 pm

Re: HTTPS OTA with Basic Authorization

Postby billiam » Fri Jun 28, 2019 7:08 pm

Basic auth works just fine in esp-idf 3.2+ as long as you encode your username/password in the url as follows :

https://user:password@myotaserver.com/m ... rmware.bin

Instructions to set up apache for basic auth :
https://cwiki.apache.org/confluence/dis ... dBasicAuth

Who is online

Users browsing this forum: sirOwlBeak and 90 guests