Re: HTTPS OTA with Basic Authorization
Posted: Fri Nov 16, 2018 8:39 am
by k.ifantidis
Hello mr.Dzhest.
I believe that you are right !! I'll test it later when I'll deal with OTA and when I get the results I'll let you know in this post.
Best regards, Kostas
Re: HTTPS OTA with Basic Authorization
Posted: Tue Jun 11, 2019 8:54 pm
by uberthoth
From here
https://docs.espressif.com/projects/esp ... ta-updates
OTA updates to encrypted partitions will automatically write encrypted, as long as the esp_partition_write function is used.
Which sounds to me like the binary is downloaded unencrypted and then encrypted while being written to flash.
Then isn't it absolutely mandatory that we at least implement basic auth? If not, something more secure like the aforementioned certificate based auth?
Re: HTTPS OTA with Basic Authorization
Posted: Fri Jun 28, 2019 7:08 pm
by billiam
Basic auth works just fine in esp-idf 3.2+ as long as you encode your username/password in the url as follows :
https://user:password@myotaserver.com/m ... rmware.bin
Instructions to set up apache for basic auth :
https://cwiki.apache.org/confluence/dis ... dBasicAuth