OTA over HTTPS connection to AWS S3 bucket

srisoma
Posts: 4
Joined: Thu Dec 28, 2023 4:46 pm

OTA over HTTPS connection to AWS S3 bucket

Postby srisoma » Wed Jan 24, 2024 2:57 pm

hi,

I am trying to run the https://github.com/espressif/esp-idf/tr ... _https_ota sample code to test the OTA over HTTPS, instead of web server I am using S3 bucket.

When i configure like below,

Code: Select all

    esp_http_client_config_t config = {
        .url = S3_BUCKET_ADDR,  // AWS s3 address of the image binary .bin application
        .client_cert_pem = ca_cert, // client certificate pem file
        .client_key_pem = rsa_key,  // client key pem file
        .timeout_ms = CONFIG_EXAMPLE_OTA_RECV_TIMEOUT,
        .keep_alive_enable = true,
    };
i am getting following error output on console

Code: Select all

W (6711) esp_https_ota: Continuing with insecure option because CONFIG_ESP_HTTPS_OTA_ALLOW_HTTP is set.
I (6711) advanced_https_ota_example: OTA started
E (6941) esp-tls-mbedtls: No server verification option set in esp_tls_cfg_t structure. Check esp_tls API reference
E (6941) esp-tls-mbedtls: Failed to set client configurations, returned [0x8017] (ESP_ERR_MBEDTLS_SSL_SETUP_FAILED)
Need correct procedure to make it work the example code, using the S3 bucket. I need to use secured manner to perform the OTA.
Please enlight with any experience you have,

Thankyou,
Sri :D

srisoma
Posts: 4
Joined: Thu Dec 28, 2023 4:46 pm

Re: OTA over HTTPS connection to AWS S3 bucket

Postby srisoma » Thu Jan 25, 2024 8:15 am

I found the issue, there are multiple issue i had seen while downloading from cloud.
1. The example project need some file which is stored on cloud with public permission
2. It may need to ca-cert.pem to access private cloud
3. You may run into buffer issues, if the file is not public, refer to following links.
https://github.com/espressif/esp-idf/issues/9164
viewtopic.php?f=13&t=14299&p=55721#p55721
4. the other issue is there is need for some magic key, i am still not able to find how to do for a custom file, For example it is working.

Overall the author for library can look into improving this example how to support typical S3 environment where security is a must.

Who is online

Users browsing this forum: No registered users and 14 guests