ESP32 ota升级固件相关问题

pengjs
Posts: 18
Joined: Fri Apr 09, 2021 6:32 am

ESP32 ota升级固件相关问题

Postby pengjs » Thu Jun 24, 2021 6:19 am

[12:23:18.319]收←◆[0;33mW (17526) wifi_tls: Failed to verify peer certificate![0m
[0;33mW (17526) wifi_tls: verification info: ! The certificate is not correctly signed by the trusted CA
[0m

[12:23:20.259]收←◆[0;33mW (19466) wifi_tls: Failed to verify peer certificate![0m
[0;33mW (19466) wifi_tls: verification info: ! The certificate is not correctly signed by the trusted CA
[0m

程序:在OTA升级过程中,打开蓝牙,发送进度信息
提问:为什么提示wifi CA证书不对,后续代码logo不打印,但是程序会继续走,有时也会重启

pengjs
Posts: 18
Joined: Fri Apr 09, 2021 6:32 am

Re: ESP32 ota升级固件相关问题

Postby pengjs » Thu Jun 24, 2021 7:44 am

补充重启logo:
[15:26:36.174]收←◆ets Jul 29 2019 12:21:46

rst:0x8 (TG1WDT_SYS_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
configsip: 0, SPIWP:0xee
clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
mode:DIO, clock div:2
load:0x3fff0030,len:4
load:0x3fff0034,len:5756
load:0x40078000,len:14820
load:0x40080400,len:3864
entry 0x4008063c
[0;33mW (58) boot.esp32: PRO CPU has been reset by WDT.[0m
[0;33mW (58) boot.esp32: WDT reset info: PRO CPU PC=0x40093521[0m
[0;33mW (60) boot.esp32: WDT reset info: APP CPU PC=0x400938c0[0m

[15:26:37.904]收←◆[0;31mE (2958) esp_image: invalid segment length 0xffffffff[0m

定位两个函数为:0x40093521: panic_print_char at /home/pjs/project/matatabot_v3_local/submodule/esp-idf/components/esp_system/panic.c:71

0x400938c0: panic_handler at /home/pjs/project/matatabot_v3_local/submodule/esp-idf/components/esp_system/port/panic_handler.c:495 (discriminator 3)

这个是什么原因造成的,可以怎么样解决呢?

ESP_Gargamel
Posts: 786
Joined: Wed Nov 14, 2018 8:45 am

Re: ESP32 ota升级固件相关问题

Postby ESP_Gargamel » Thu Jun 24, 2021 9:56 am

不开蓝牙的时候是否正常?打开蓝牙时,剩余内存还剩多少?证书校验的时候需要一定的内存余量,但不确认是否和这个有关。
如方便,请提供可复现问题的示例工程,包括 sdkconfig,以及复现流程。

pengjs
Posts: 18
Joined: Fri Apr 09, 2021 6:32 am

Re: ESP32 ota升级固件相关问题

Postby pengjs » Fri Jun 25, 2021 2:25 am

不开蓝牙也存在问题。配置如附件,代码不方便上传
Attachments
sdkconfig.txt
(39.39 KiB) Downloaded 649 times

ESP_Gargamel
Posts: 786
Joined: Wed Nov 14, 2018 8:45 am

Re: ESP32 ota升级固件相关问题

Postby ESP_Gargamel » Fri Jun 25, 2021 3:10 am

你参考下示例:examples/system/ota/advanced_https_ota,另外,你的证书是自签发的?

pengjs
Posts: 18
Joined: Fri Apr 09, 2021 6:32 am

Re: ESP32 ota升级固件相关问题

Postby pengjs » Fri Jun 25, 2021 6:18 am

可以发一份完整的 sdkconfig吗,我按着这个例子设置,也不行,其他的配置都不需要配置吗

ESP_Gargamel
Posts: 786
Joined: Wed Nov 14, 2018 8:45 am

Re: ESP32 ota升级固件相关问题

Postby ESP_Gargamel » Fri Jun 25, 2021 8:39 am

按这个 readme 操作:https://github.com/espressif/esp-idf/bl ... /README.md

看你前面的错误 log,应该是用的 ca 证书不对,需要和你 server 的对应上。

pengjs
Posts: 18
Joined: Fri Apr 09, 2021 6:32 am

Re: ESP32 ota升级固件相关问题

Postby pengjs » Tue Jun 29, 2021 2:37 am

pjs@pjs-VirtualBox:~/project/matatabot_v3_local/submodule/esp-idf/examples/system/ota/advanced_https_ota$ openssl req -x509 -newkey rsa:2048 -keyout ca_key.pem -out ca_cert.pem -days 365 -nodes
Generating a RSA private key
..........+++++
.............+++++
writing new private key to 'ca_key.pem'
-----
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:CN
string is too long, it needs to be no more than 2 bytes long
Country Name (2 letter code) [AU]:Guangdong
string is too long, it needs to be no more than 2 bytes long
Country Name (2 letter code) [AU]:CN
State or Province Name (full name) [Some-State]:Guangdong
Locality Name (eg, city) []:Shenzhen
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Matatalab
Organizational Unit Name (eg, section) []:com
Common Name (e.g. server FQDN or YOUR name) []:47.242.19.192
Email Address []:xxx@matatalab.com
pjs@pjs-VirtualBox:~/project/matatabot_v3_local/submodule/esp-idf/examples/system/ota/advanced_https_ota$ openssl s_server -WWW -key ca_key.pem -cert ca_cert.pem -port 8070

是这个设置吗?Common Name (e.g. server FQDN or YOUR name) []:47.242.19.192 这个是我下载地址云的IP地址,假如固件放在阿里云,就是阿里云存放固件服务器的IP吗?

ESP_Gargamel
Posts: 786
Joined: Wed Nov 14, 2018 8:45 am

Re: ESP32 ota升级固件相关问题

Postby ESP_Gargamel » Tue Jun 29, 2021 4:13 am

可以,你可以先用浏览器确保可以正常下载你的 bin。

pengjs
Posts: 18
Joined: Fri Apr 09, 2021 6:32 am

Re: ESP32 ota升级固件相关问题

Postby pengjs » Tue Jun 29, 2021 7:23 am

用浏览器可以正常下载,按照上面配置证书后,还是会出现CA验证不对,程序也可以正常OTA升级,但是在升级过程中偶尔CPU会重启

Who is online

Users browsing this forum: Google [Bot] and 48 guests