Hi,

I have a website so i wanted to try this library with that website. But i got "There was no content in the response" from uart terminal.

http://elifcalika.com/esp32/esp32.json
http://elifcalika.com/esp32/esp32.bin

/**
   esp32 firmware OTA
   Purpose: Perform an OTA update from a bin located on a webserver (HTTP Only)
   Setup:
   Step 1 : Set your WiFi (ssid & password)
   Step 2 : set esp32fota()
   Upload:
   Step 1 : Menu > Sketch > Export Compiled Library. The bin file will be saved in the sketch folder (Menu > Sketch > Show Sketch folder)
   Step 2 : Upload it to your webserver
   Step 3 : Update your firmware JSON file ( see firwmareupdate )
*/

#include <esp32fota.h>
#include <WiFi.h>

// Change to your WiFi credentials
const char *ssid = "***";
const char *password = "***";

// esp32fota esp32fota("<Type of Firme for this device>", <this version>);
esp32FOTA esp32FOTA("esp32-fota-http", 1);

void setup()
{
  esp32FOTA.checkURL = "http://elifcalika.com/esp32/esp32.json";
  Serial.begin(115200);
  setup_wifi();
}

void setup_wifi()
{
  delay(10);
  Serial.print("Connecting to ");
  Serial.println(ssid);

  WiFi.begin(ssid, password);

  while (WiFi.status() != WL_CONNECTED)
  {
    delay(500);
    Serial.print(".");
  }

  Serial.println("");
  Serial.println(WiFi.localIP());
}

void loop()
{
  delay(2000);
  esp32FOTA.forceUpdate("http://elifcalika.com", 80, "/esp32/esp32.bin");
}

I tried using this library with github as a repo. But it always reports !=200 return codes because all githib https link hit a redirect 301 to https. In this day and age, https is essentially a given.

Please update the platformio version

• **Many inconsistency, mainly on updated method (i.e forceUpdate)
• **Lacks latest update

hello, I made the following correction for it to operate using iis hosting. change the T of type to uppercase.

#97 line.startsWith("Content-type: ")

IIS response : Content-Type , T in upper case .

HTTP/1.1 200 OK
Content-Length: 874080
Content-Type: application/octet-stream
Last-Modified: Tue, 09 Jun 2020 15:13:54 GMT
Accept-Ranges: bytes
ETag: "065b996703ed61:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Tue, 09 Jun 2020 15:40:00 GMT

very good job, works excellent !

best regards

Hi Chris,
I have an error when I tried to compile HTTP example

error message :
Arduino: 1.8.12 (Mac OS X), Board: "DOIT ESP32 DEVKIT V1, 80MHz, 921600, None"

/Users/williamsantoso/Documents/Arduino/libraries/esp32FOTA/src/esp32fota.cpp:271:8: error: prototype for 'String esp32FOTA::forceUpdate(String, int, String)' does not match any in class 'esp32FOTA'
String esp32FOTA::forceUpdate(String firwmareHost, int firwmarePort, String firwmarePath)
^
In file included from /Users/williamsantoso/Documents/Arduino/libraries/esp32FOTA/src/esp32fota.cpp:8:0:
/Users/williamsantoso/Documents/Arduino/libraries/esp32FOTA/src/esp32fota.h:17:8: error: candidate is: void esp32FOTA::forceUpdate(String, int, String)
void forceUpdate(String firwmareHost, int firwmarePort, String firwmarePath);
^
Multiple libraries were found for "WiFi.h"
Used: /Users/williamsantoso/Library/Arduino15/packages/esp32/hardware/esp32/1.0.4/libraries/WiFi
Not used: /Applications/Arduino.app/Contents/Java/libraries/WiFi
exit status 1
Error compiling for board DOIT ESP32 DEVKIT V1.

This report would have more information with
"Show verbose output during compilation"
option enabled in File -> Preferences.

Is there anything that's wrong?
Thanks

Hay peeps,

OK so this isnt really an issue, this FOTA works well. Thanks chris.

But can it work via GSM in particular TinyGSMclient?

I tried, but obviously it fails.

Just wondered if anyone had any input.

Thanks all.
grichfitz

This is a question / request for clarification

I am trying to make this example work: https://github.com/chrisjoyce911/esp32FOTA/blob/master/examples/HTTP/HTTPS.ino

In the example, it is not clear how to perform this step:
Step 3 : Provide SPIFFS filesystem with root_ca.pem of your webserver

I also checked the README.md - same cryptic instruction "For https or signature check: SPIFFS with root_ca.pem (https) and rsa_key.pem (signature check)"

How does actually one do that ?

Can the certificate check not be managed by a constant in the sketch as described in this article: https://www.lab4iot.com/2021/02/21/esp32-secure-firmware-update-over-the-air-ota/?unapproved=660&moderation-hash=f37b98b9077b522d86cd237ae1a442dc#comment-660

char *siteCertificate =
"-----BEGIN CERTIFICATE-----\n"
...

Many thanks in advance

Hello.
I am trying to build an HTTP server using the library you created. However, I try to download the latest version of the library and compile it, but there is a compilation error.
Compiling the HTTP.ino file in the sample directory also results in an error.
The error codes are as follows:

C:\Users\SIMJB\Documents\Arduino\libraries\esp32FOTA\src\esp32fota.cpp: In member function 'bool esp32FOTA::execHTTPcheck()':
C:\Users\SIMJB\Documents\Arduino\libraries\esp32FOTA\src\esp32fota.cpp:244:46: error: no match for 'operator[]' (operand types are 'ArduinoJson670_0_0::StaticJsonDocument<300u>' and 'const char [5]')
const char *pltype = JSONDocument["type"];
^
C:\Users\SIMJB\Documents\Arduino\libraries\esp32FOTA\src\esp32fota.cpp:245:41: error: no match for 'operator[]' (operand types are 'ArduinoJson670_0_0::StaticJsonDocument<300u>' and 'const char [8]')
int plversion = JSONDocument["version"];
^
C:\Users\SIMJB\Documents\Arduino\libraries\esp32FOTA\src\esp32fota.cpp:246:46: error: no match for 'operator[]' (operand types are 'ArduinoJson670_0_0::StaticJsonDocument<300u>' and 'const char [5]')
const char *plhost = JSONDocument["host"];
^
C:\Users\SIMJB\Documents\Arduino\libraries\esp32FOTA\src\esp32fota.cpp:247:33: error: no match for 'operator[]' (operand types are 'ArduinoJson670_0_0::StaticJsonDocument<300u>' and 'const char [5]')
_port = JSONDocument["port"];
^
C:\Users\SIMJB\Documents\Arduino\libraries\esp32FOTA\src\esp32fota.cpp:248:45: error: no match for 'operator[]' (operand types are 'ArduinoJson670_0_0::StaticJsonDocument<300u>' and 'const char [4]')
const char *plbin = JSONDocument["bin"];
^
C:\Users\SIMJB\Documents\Arduino\libraries\esp32FOTA\src\esp32fota.cpp: In member function 'bool secureEsp32FOTA::execHTTPSCheck()':
C:\Users\SIMJB\Documents\Arduino\libraries\esp32FOTA\src\esp32fota.cpp:419:37: error: no match for 'operator[]' (operand types are 'ArduinoJson670_0_0::StaticJsonDocument<300u>' and 'const char [5]')
description->type = JSONDocument["type"].as();

The Arduino IDE version uses the latest version 1.8.15 and the board ESP32-WROOM-DEV.
I don't know which part to fix, so I register the issue.

Hi, I still have this problem.
My json file

{
    "type": "esp32-fota-http",
    "version": 3,
    "host": "http://leastric-device-ota.s3-ap-southeast-1.amazonaws.com",
    "port": 80,
    "bin": "/test/testfile.bin"
}

I tried curl too :
curl --head http://leastric-device-ota.s3-ap-southeast-1.amazonaws.com:80/test/testfile.bin

the following response :

HTTP/1.1 200 OK
x-amz-id-2: z+rmECm3+0WRs9serOiuOklCMEpgk7TN2ooN4zPX5bjeG3799/sREvEP9GJrhoM+PTf/R2PEWZs=
x-amz-request-id: ASCH3HDQ8MEYCQEW
Date: Fri, 29 May 2020 08:14:09 GMT
Last-Modified: Fri, 29 May 2020 07:30:28 GMT
ETag: "59b6eb3fd0919051b7deae7141f8906f"
Accept-Ranges: bytes
Content-Type: application/macbinary
Content-Length: 874096
Server: AmazonS3

Debug result :

Connecting to: http://leastric-device-ota.s3-ap-southeast-1.amazonaws.com
Fetching Bin: /test/testfile.bin
Line = HTTP/1.1 400 Bad Request
Got a non 200 status code from server. Exiting OTA Update.
contentLength : 0, isValidContentType : 0
There was no content in the response

what should I do?

Thanks.

Originally posted by @williamsantoso93 in #10 (comment)

this library support https?

Hey,
thanks so much for this library! I was wondering how you'd feel about adding a hash/signature check to the lib as another way to authenticate the new firmware image.

The way I'd see this could be implemented is through a public/private key + digest:

1. Create public/private key pair
2. public key gets delivered to ESP32 firmware
3. Private key creates sha256 digest of the new firmware
4. Digest could be placed into .json file (or just use first 512 bytes of the firmware.bin)
5. OTA downloads the file, verifies if signature matches, then runs the update.

Only piece I don't know here: how can you make Update.h wait for the signature check after the download is complete?

First you'd create your key-pair:

  openssl genrsa -out key.pem 4096
  openssl rsa -in key.pem -pubout > key.pub

Creating the firmware.img with the embedded signature would be

  # Create signature file
  openssl dgst -sign key.pem -keyform PEM -sha256 -out firmware.sign -binary firmware.bin

  # throw it all in one file
  cat firmware.sign firmware.bin > firmware.img

Signature check on a Linux shell would look like this:

   # Create signature file from image
   dd if=firmware.img of=firmware.sign bs=512 count=1

   # Create OTA update file from image
   dd if=firmware.img of=firmware.bin bs=512 skip=1

   # Verify signature
   openssl dgst -verify key.pub -keyform PEM -sha256 -signature firmware.sign -binary firmware.bin

On the ESP32 this would require an additional library for the signature check, but with an embedded implementation of openssl this should be as simple as running rsa_verify() with the firmware file and the public key.

Embedding the signature into the image is not necessary but seems like it would keep things together (and if you implement the version check through HTTP headers it wouldn't make sense to add it to the .json file).

Finally to the reason I think this would be useful:
In a scenario where your webserver uses a Let's Encrypt certificate the cert would change every 3 months. So it's not a good idea to check the update file solely through the SSL certificate. Even if you use a paid cert, browsers are moving forward to shorter and shorter validity periods, currently 1 year is favoured, that might change in future.
With a pub/private key dedicated just to your specific firmware you will be independent of these constraints. You can even go as far as using a different key for each firmware-branch you deploy.

Suggestions:

1. Print deserialization error if any
2. Add warning/note about possible BOM in the hosted .json.

I was hitting "InvalidInput" but couldn't figure it out until I read: https://arduinojson.org/v6/api/misc/deserializationerror/

.. and found out I had a few extra bytes:

         00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F

00000000   EF BB BF 7B 0A 20 20 20 20 22 74 79 70 65 22 3A  {.    "type":
00000010   20 22 65 73 70 33 32 2D 66 6F 74 61 2D 6D 61 69   "esp32-fota-mai
00000020   6E 2D 77 65 61 74 68 65 72 22 2C 0A 20 20 20 20  n-weather",.
00000030   22 76 65 72 73 69 6F 6E 22 3A 20 32 2C 0A 20 20  "version": 2,.

I then used Notepad++ to fix it:
Encoding >> Encode in UTF-8 without BOM

As written, this library assumes that users are using SPIFFS. An example of this is:

It would be good to be able to select between SPIFFS and LittleFS for users that might have switched over.

Hello,
What should I put in place of URL my ip addr?
Because I tried to put that and I am getting error of HTTP

I am trying to test my OTA. I always get the same non 200 status code when I call execOTA()

Connecting to: spimesenselabs.com
Fetching Bin: /IoTik/v19.ino.bin
Got a non 200 status code from server. Exiting OTA Update.
contentLength : 0, isValidContentType : 0
There was no content in the response

And this is my JSON :

{
    "type": "esp32-fota-http",
    "version": 20,
    "host": "spimesenselabs.com",
    "port": 80,
    "bin": "/IoTik/v19.ino.bin"
}

Any hints ?

Hi,

I was reading your code as I am considering using it for one of my projects. I spotted a delay in esp32FOTA::execHTTPcheck(...) that can cause problems for other people using you library. If deserializing JSON fails, it will halt the execution for 5 seconds. This will starve the execution of any other code and can lead to a critical failure (e.g. when controlling a motor).

See the code at:

Hi @chrisjoyce911 ,

I am new to github and coding in general and hence didn't want to start using pull requests just yet. In my included library files, I have modified the .cpp and .h files to change the variable type for plversion and firmwareVersion from int to float. This seems to work perfectly and I can now have one point in my versioning such as 1.95 , 1.96 etc...
Thanks for this awesome code. Working great for me on esp32 and XAMPP server for testing my prototypes.

esp32fotaH.txt
esp32fotaCPP.txt

Great work ! Thank you !!
I already see a great infrastructure and very simplified interface. However, why not expand it ?
It would be really handy if the option to manually supply the fota.json instead of providing its URL.
Also the option to manually provide the OTA directly might be useful.
I am actually working on a project now that involves both, trying to find a workaround for them, and natively supporting them would be great !

5:28:34.719 -> ets Jun 8 2016 00:22:57
15:28:34.719 ->
15:28:34.719 -> rst:0x1 (POWERON_RESET),boot:0x13 (SPI_FAST_FLASH_BOOT)
15:28:34.719 -> configsip: 0, SPIWP:0xee
15:28:34.719 -> clk_drv:0x00,q_drv:0x00,d_drv:0x00,cs0_drv:0x00,hd_drv:0x00,wp_drv:0x00
15:28:34.719 -> mode:DIO, clock div:1
15:28:34.719 -> load:0x3fff0018,len:4
15:28:34.719 -> load:0x3fff001c,len:928
15:28:34.752 -> ho 0 tail 12 room 4
15:28:34.752 -> load:0x40078000,len:9280
15:28:34.752 -> load:0x40080400,len:5848
15:28:34.752 -> entry 0x40080698
15:28:35.083 -> Connecting to ........Getting HTTP
15:28:39.171 -> http://192.168.10.110:8080/fota/fota.json
15:28:39.171 -> ------
15:28:39.669 -> Connecting to: 192.168.10.110
15:28:39.868 -> Fetching Bin: /fota/esp32-fota-http-2.bin
15:28:39.935 -> contentLength : 0, isValidContentType : 0
15:28:39.935 -> There was no content in the response
15:28:41.930 -> Getting HTTP
15:28:41.930 -> http://192.168.10.110:8080/fota/fota.json
15:28:41.930 -> ------
15:28:42.461 -> Connecting to: 192.168.10.110
15:28:42.595 -> Fetching Bin: /fota/esp32-fota-http-2.bin
15:28:42.661 -> contentLength : 0, isValidContentType : 0
15:28:42.661 -> There was no content in the response
15:28:44.652 -> Getting HTTP
15:28:44.652 -> http://192.168.10.110:8080/fota/fota.json
15:28:44.652 -> ------
15:28:44.718 -> Connecting to: 192.168.10.110
15:28:44.751 -> Fetching Bin: /fota/esp32-fota-http-2.bin
15:28:44.784 -> contentLength : 0, isValidContentType : 0
15:28:44.784 -> There was no content in the response
15:28:46.774 -> Getting HTTP
15:28:46.774 -> http://192.168.10.110:8080/fota/fota.json
15:28:46.774 -> ------
15:28:47.470 -> Connecting to: 192.168.10.110
15:28:47.571 -> Fetching Bin: /fota/esp32-fota-http-2.bin
15:28:47.636 -> contentLength : 0, isValidContentType : 0
15:28:47.669 -> There was no content in the response
15:28:49.660 -> Getting HTTP
15:28:49.660 -> http://192.168.10.110:8080/fota/fota.json
15:28:49.660 -> ------
15:28:49.892 -> Connecting to: 192.168.10.110
15:28:50.091 -> Fetching Bin: /fota/esp32-fota-http-2.bin
15:28:50.091 -> contentLength : 0, isValidContentType : 0
15:28:50.125 -> There was no content in the response
15:28:52.115 -> Getting HTTP
15:28:52.115 -> http://192.168.10.110:8080/fota/fota.json

I tested your library and it works fine with wifi. But doesn't work with lan8720 (ethernet).
Lan8720 uses wifi.h too and I don't understand why it doesn't work.

bool updatedNeeded = esp32FOTA.execHTTPcheck();

return 0

Hi,
Is there a factory reset functionality using CONFIG_BOOTLOADER_APP_ROLLBACK_ENABLE option within this library? It would be good addition. I work with PlatformIO and am not sure how this option can be enabled with diagnostics GPIO pin configured.
Reference: https://github.com/espressif/esp-idf/tree/600d542f5/examples/system/ota#support-rollback

Hi and thanks for this lib :) !

Do you plan release 0.1.3 ? It seems that 0.1.2 is now +1y old and it would be awesome to see an update of this lib on arduino.cc
At least please set a tag and create a github release.

thanks !

• Arduino board: ESP32 Dev Module
• Arduino IDE 1.8.19
• ESP32 Core 1.0.6

Hello everyone,
congratulations for the useful library.
I am testing on different hostings with HTTP example without root certificate. All hosting are accessible with HTTPS. With the example code I am able to upgrade without problems on some hosting.
While on others it doesn't work with an HTTP/1.1 301 Moved Permanently, as detailed below.
Please can I get some help?
Thanks you

[I][esp32fota.cpp:214] execHTTPcheck(): Getting HTTP: https://****.eu/****/program.json
[I][esp32fota.cpp:215] execHTTPcheck(): ------
[V][HTTPClient.cpp:245] beginInternal(): url: https://****.eu/****/program.json
[W][HTTPClient.cpp:257] beginInternal(): unexpected protocol: https, expected http
[V][HTTPClient.cpp:245] beginInternal(): url: https://****.eu/****/program.json
[D][HTTPClient.cpp:293] beginInternal(): protocol: https, host: ****.eu port: 443 url: /****/program.json
[D][HTTPClient.cpp:579] sendRequest(): request type: 'GET' redirCount: 0

[V][ssl_client.cpp:59] start_ssl_client(): Free internal heap before TLS 274168
[V][ssl_client.cpp:65] start_ssl_client(): Starting socket
[V][ssl_client.cpp:104] start_ssl_client(): Seeding the random number generator
[V][ssl_client.cpp:113] start_ssl_client(): Setting up the SSL/TLS structure...
[I][ssl_client.cpp:127] start_ssl_client(): WARNING: Skipping SSL Verification. INSECURE!
[V][ssl_client.cpp:197] start_ssl_client(): Setting hostname for TLS session...
[V][ssl_client.cpp:212] start_ssl_client(): Performing the SSL/TLS handshake...
[V][ssl_client.cpp:233] start_ssl_client(): Verifying peer X.509 certificate...
[V][ssl_client.cpp:242] start_ssl_client(): Certificate verified.
[V][ssl_client.cpp:257] start_ssl_client(): Free internal heap after TLS 230320
[D][HTTPClient.cpp:1125] connect():  connected to ****.eu:443
[V][ssl_client.cpp:295] send_ssl_data(): Writing HTTP request with 156 bytes...
[V][HTTPClient.cpp:1216] handleHeaderResponse(): RX: 'HTTP/1.1 301 Moved Permanently'
[V][HTTPClient.cpp:1216] handleHeaderResponse(): RX: 'Server: aruba-proxy'
[V][HTTPClient.cpp:1216] handleHeaderResponse(): RX: 'Date: Thu, 21 Apr 2022 08:20:17 GMT'
[V][HTTPClient.cpp:1216] handleHeaderResponse(): RX: 'Content-Type: text/html'
[V][HTTPClient.cpp:1216] handleHeaderResponse(): RX: 'Transfer-Encoding: chunked'
[V][HTTPClient.cpp:1216] handleHeaderResponse(): RX: 'Connection: keep-alive'
[V][HTTPClient.cpp:1216] handleHeaderResponse(): RX: 'Location: https://www.****.eu/****/program.json'
[V][HTTPClient.cpp:1216] handleHeaderResponse(): RX: 'X-ServerName: ipvsproxy135.ad.aruba.it'
[V][HTTPClient.cpp:1216] handleHeaderResponse(): RX: ''
[D][HTTPClient.cpp:1257] handleHeaderResponse(): code: 301
[D][HTTPClient.cpp:1264] handleHeaderResponse(): Transfer-Encoding: chunked
[D][HTTPClient.cpp:603] sendRequest(): sendRequest code=301

[E][esp32fota.cpp:260] execHTTPcheck(): Error on HTTP request
[D][HTTPClient.cpp:378] disconnect(): still data in buffer (179), clean up.

[D][HTTPClient.cpp:385] disconnect(): tcp keep open for reuse
[V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection.
[V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection.

Hi, execOTA() function I noticed a typo that causes error when downloading the binary file.
The part reading the headers is checking if the line starts with "Content-Type: " where it should be "Content-type: ". Making this change fixed my program.

if (line.startsWith("Content-type: "))
            {
                String contentType = getHeaderValue(line, "Content-type: ");
                Serial.println("Got " + contentType + " payload.");
                if (contentType == "application/octet-stream")
                {
                    isValidContentType = true;
                }
            }

Hi,

ARDUINO IDE: 1.8.8
BOARD: ESP32
CODE: AS PER EXAMPLE PROVIDED

I'm trying to run the example but when compiling, I get this error message:

**C:\Users\PCIP\Documents\Arduino\libraries\esp32FOTA\src\esp32fota.cpp: In member function 'bool esp32FOTA::execHTTPcheck()':

C:\Users\PCIP\Documents\Arduino\libraries\esp32FOTA\src\esp32fota.cpp:257:1: error: control reaches end of non-void function [-Werror=return-type]

}

^

Any idea?

http.end() is never called if the JSON deserialization fails.

Esp32 will compile two bin files, one is app and the other is bootstrap. How to upgrade the two files via OTA?

ESP32-CAM_Motionino.bin
ESP32-CAM_Motion.ino.partitions.bin

Hello Devs.
I was trying your library with simple example of yours and with json body as you prescribed but not getting results.

The file is hosted through my mobile using an application on port 12345
The bin file is available at http://192.168.0.6:12345/fota_chris_original.ino.esp32.bin

I have done curl to get response like this:

D:\developement\Python3>curl -i http://192.168.0.6:12345/fota_chris_original.ino
.esp32.bin
HTTP/1.1 200 OK
Last-Modified: Fri, 21 May 2021 17:42:36 GMT
Date: Fri, 21 May 2021 18:14:08 GMT
Server: SimpleHttpServer/1.1
Content-Length: 891248
Content-Type: application/octet-stream

Warning: Binary output can mess up your terminal. Use "--output -" to tell
Warning: curl to output it to your terminal anyway, or consider "--output

The json file looks like this and can be available as
http://192.168.0.6:12345/fota.json

JSON

{
    "type": "esp32-fota-http",
    "version": 2,
    "host": "192.168.0.6:12345",
    "port": 12345,
    "bin": "/fota_chris_original.ino.esp32.bin"
}

As you can see I have even not used extra http there

• Arduino board: ESP32

• Arduino IDE version (found in Arduino -> About Arduino menu): 1.8.10

code is below

#include <esp32fota.h>
#include <WiFi.h>

// Change to your WiFi credentials
const char *ssid = "xxxx";
const char *password = "xxxxx";

esp32FOTA esp32FOTA("esp32-fota-http", 1);

void setup()
{
  esp32FOTA.checkURL = "http://192.168.0.6:12345/fota.json";
  Serial.begin(115200);
  setup_wifi();
}

void setup_wifi()
{
  delay(10);
  Serial.print("Connecting to my wifi");
  Serial.println(ssid);

  WiFi.begin(ssid, password);

  while (WiFi.status() != WL_CONNECTED)
  {
    delay(500);
    Serial.print(".");
  }

  Serial.println("");
  Serial.println(WiFi.localIP());
}

void loop()
{

  bool updatedNeeded = esp32FOTA.execHTTPcheck();
  if (updatedNeeded)
  {
    esp32FOTA.execOTA();
  }

  delay(2000);
}

But the response is strange and similar to that mentioned in
#1 , #34 , #32

Btw, my webserver is logging a get request every few seconds though..

Please suggest please?

Regards,
Shariq

Hi,

I'm trying to use the HTTPS example to update my ESP32 using a self-signed cert. I can successfully read the JSON file via HTTPS using the HTTPClient object and defining the cert in the http.begin(FWhost, FWport, FWfolder, CA_CERT) function so I know the ESP32 can access the HTTPS site, read and parse the JSON and complete the IF statement to trigger the executeOTA function.

However, I then encounter the following error:

02:54:20.655 -> [V][ssl_client.cpp:56] start_ssl_client(): Free internal heap before TLS 264256
02:54:20.655 -> [V][ssl_client.cpp:58] start_ssl_client(): Starting socket
02:54:20.655 -> [V][ssl_client.cpp:93] start_ssl_client(): Seeding the random number generator
02:54:20.655 -> [V][ssl_client.cpp:102] start_ssl_client(): Setting up the SSL/TLS structure...
02:54:20.655 -> [V][ssl_client.cpp:115] start_ssl_client(): Loading CA cert
02:54:20.655 -> [V][ssl_client.cpp:180] start_ssl_client(): Setting hostname for TLS session...
02:54:20.655 -> [V][ssl_client.cpp:195] start_ssl_client(): Performing the SSL/TLS handshake...
02:54:20.701 -> [E][ssl_client.cpp:33] _handle_error(): [start_ssl_client():199]: (-9984) X509 - Certificate verification failed, e.g. CRL, CA or signature check failed
02:54:20.701 -> [E][WiFiClientSecure.cpp:132] connect(): start_ssl_client: -9984
02:54:20.701 -> [V][ssl_client.cpp:248] stop_ssl_socket(): Cleaning SSL connection.

Any advice on how to resolve this issue as I think it's tripping up on the following in the executeOTA function:

if(client.connect("server",443) {

Thanks in advance!

Perhaps SemVer style firmware version scheme could be used instead of integer version numbers?

Hi, I'm starting to test the library with the Force Update example.
Sorry if I missed any details.

The web server is ok, the download url of the .bin file is accessible, but I have the following error:

contentLength: 0, isValidContentType: 0
There was no content in the response

thank you very much in advance for the help.

Dear all,
The Library is straightforward to use and works as expected.

However there is a limitation: while the check update URL can be a normal HTTP url to a web server, which is resolved by DNS, the server where the firmware is hosted must be an IP address; with a hostname it doesn't work because WiFiClient is used, instead of HTTPClient. This means upgrade is only possible from a local server or a web server with an exclusive IP address.
Web site hosting wouldn't work as they share the same IP address for several websites.

I suggest to use HTTPClient, which has built in DNS instead of WiFiClient, to download the firmware.

The return type is bool but the function is declared as string.

Arduino probably doesn't complain as I have not tried this with the Arduino IDE but Visual GDB with Visual Studio and Intellisense won't build this. Returning an empty string works.

The code does not perform any CRC check on the bin file downloaded from the server?
The rest of the error handling is just serial print statements as place holders in the library.
Ideally these errors should be on a callback so that the users code can decide what to do with it.

When the code is transferred to flash if the CRC fails it should roll back to the last known working version. This will keep repeating until it gets the update.

The Espressif ESP-IDF examples has HTTP and HTTPS that does this, however... I was looking for an Arduino one like yours...as I can have the benefit of 100's of other Arduino libraries for ESP32 .

_certificate member of secureEsp32FOTA must be const, so that the certificate string can be placed in flash memory instead of RAM.

I am trying to test my OTA, I get the following log :

Connecting to: spimesenselabs.com
Fetching Bin: /IoTik/v19.ino.bin
Got a non 200 status code from server. Exiting OTA Update.
contentLength : 0, isValidContentType : 0
There was no content in the response

but the function does not return and I have to reboot every time.

Hello,

You work like very elegant ! I juste have a question.
It is possible to update SPIFFS ?
I need to update FW and SPIFFS.

Best,

i got an error when i want to use HTTPS with root_ca.pem

Here is the log

[V][HTTPClient.cpp:245] beginInternal(): url: https://192.168.18.192/x
[D][HTTPClient.cpp:293] beginInternal(): protocol: https, host: 192.168.18.192 port: 443 url: /x
[D][HTTPClient.cpp:579] sendRequest(): request type: 'GET' redirCount: 0

[V][ssl_client.cpp:59] start_ssl_client(): Free internal heap before TLS 267404
[V][ssl_client.cpp:65] start_ssl_client(): Starting socket
[V][ssl_client.cpp:104] start_ssl_client(): Seeding the random number generator
[V][ssl_client.cpp:113] start_ssl_client(): Setting up the SSL/TLS structure...
[V][ssl_client.cpp:129] start_ssl_client(): Loading CA cert
[E][ssl_client.cpp:36] _handle_error(): [start_ssl_client():138]: (-8576) X509 - The CRT/CRL/CSR format is invalid, e.g. different type expected
[E][WiFiClientSecure.cpp:133] connect(): start_ssl_client: -8576
[V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection.
[D][HTTPClient.cpp:1118] connect(): failed connect to 192.168.18.192:443
[W][HTTPClient.cpp:1417] returnError(): error(-1): connection refused
[E][esp32fota.cpp:444] execHTTPcheck(): Error on HTTP request
[D][HTTPClient.cpp:400] disconnect(): tcp is closed

[V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection.
[V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection.
[V][ssl_client.cpp:265] stop_ssl_socket(): Cleaning SSL connection.

How my root_ca.pem looks like

-----BEGIN CERTIFICATE-----
MIICNzCCAd2gAwIBAgIUDanrxeh8iZsiFFdKoakZxWCZzmcwCgYIKoZIzj0EAwIw
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
MvaV54fWuY4CIQCXAscqWiIcjOU6nL7gFH/rp01HR20J5ciAOe7R5IYS+A==
-----END CERTIFICATE-----

Description

When I change the declaration of esp32FOTA library in my PlatformIO ini to last version, it fails. When I change it to the Github target, it compile ok. I think that is only because the version on PlatformIO registry is old, February, and produce the next error:

Output

lib/canairioota/src/OTAHandler.cpp: In member function 'void OTAHandler::checkRemoteOTA(bool)':
lib/canairioota/src/OTAHandler.cpp:60:40: error: 'class esp32FOTA' has no member named 'getPayloadVersion'
             _onUpdateMsgCb(String(fota.getPayloadVersion()).c_str());
                                        ^
Compiling .pio/build/TTGO_TDISPLAY/FrameworkArduino/MD5Builder.cpp.o
*** [.pio/build/TTGO_TDISPLAY/lib043/canairioota/OTAHandler.cpp.o] Error 1

Config (failed)

lib_deps = 
	chrisjoyce911/esp32FOTA @ ^0.1.4

Config (working)

lib_deps = 
	; chrisjoyce911/esp32FOTA @ ^0.1.4
	https://github.com/chrisjoyce911/esp32FOTA.git

Fix

We need a new tag a new version?

• Arduino board: ESP32 Wrover 4M

• Arduino IDE version 1.8.9

• When installed with ArduinoJson V6.9.1 and V6.11.0 It does not work.

• Error:
  esp32fota.cpp:215:11: error: StaticJsonBuffer is a class from ArduinoJson 5. Please see arduinojson.org/upgrade to learn how to upgrade your program to ArduinoJson version 6

StaticJsonBuffer<300> JSONBuffer; //Memory pool

esp32fota.cpp: In member function 'bool esp32FOTA::execHTTPcheck()':

esp32fota.cpp:215:29: error: expected primary-expression before '<' token

esp32fota.cpp:215:35: error: 'JSONBuffer' was not declared in this scope

-Comment
***It works with Arduinojson V5.13.5 but I need V 6.9.1 and higher for other use cases.

-What to do
How to upgrade your code from V5 to V6:
https://arduinojson.org/v6/doc/upgrade/
ArduinoJson 6 replaces the concept of JsonBuffer with the concept of JsonDocument

-So what is the problem just fix it Pal
Whell my codeFu is lacking. but I am going to tak a stab at it and hope I do not hurt myself 8/

Hello
Does this library work for esp8266?
I tried the https.ino example but complier fails to find the SPIFFS header and shows "fatal error: SPIFFS.h: No such file or directory" so I wonder if it is because I use a 8266.

Thanks in advance

Hello,

I was thinking that maybe there is a way to remove the need for an additional json file that OTA uses to decide wether there is upgrade required. If the bin file HTTP headers would contain a version number, this could be enough to make a choice. This would be handled an other version of the execHTTPCheck() that reads header info instead of JSON, or maybe if it is an octet-stream, not json, then it would check the headers for version info.

What do you think? Maybe I am biased as I am hosting my bin firmware files on Google Storage Buckets, and it is easy to set headers there. 😄

András

I have tested my program in development mode. Everything worked well. The update worked.
However, after encoding, esp32 refuses to update.
I coded according to this instruction: espressif/arduino-esp32#1387 I pre-encode the firmware file, of course. Any thoughts.

Fetching Bin: /fw.bin
Got 1177456 bytes from server
Got application/octet-stream payload.
contentLength : 1177456, isValidContentType : 1
Begin OTA. This may take 2 - 5 mins to complete. Things might be quite for a while.. 
Patience!
Written only : 0/1177456. Retry?
Error Occurred. Error #: 8

Hi.

If you pass a file that does NOT exist on the server, you leak the client. The fix is trivial:

...
// Check if the HTTP Response is 200
// else break and Exit Update
if (line.startsWith("HTTP/1.1"))
{
if (line.indexOf("200") < 0)
{
Serial.println("Got a non 200 status code from server. Exiting OTA Update.");
client.stop(); // THIS NEEDS TO BE ADDED.
break;
}
gotHTTPStatus = true;
}
...

I've tested.

Please fix and thanks!

-Where is the name of the firmware file for loading written?
-What to write in the "description" line? Is it some kind of file? What's inside the file?
I've tried using the fota.json file. Not work.
In what format should the description file name be written? "example.com/fota.json" or "https://example.com/fota.json" or "/fota.json" ?

secureEsp32FOTA secureEsp32FOTA("sensing-pot", 1);
secureEsp32FOTA._host="firmwareHostWithoutPrependedHTTT.com"; //eg example.com
secureEsp32FOTA._descriptionOfFirmwareURL="/path-to-firmware-description"; //e /my-fw-versions
secureEsp32FOTA._certificate=test_root_ca;
secureEsp32FOTA.clientForOta=clientForOta;

Hi all,
I hit Load Prohibited in WiFiClient Read()
My bin is 1MB.
Do I need to change partition scheme to Minimal SPIFFS (1.9MB App with OTA/190KB SPIFFS)?

Thanks a lot.

It would be useful to add SPIFFS update option. Ideally it should be made right after the main FOTA update, before rebooting. This is because updating SPIFFS won't result into a FW_VERSION change, therefore it will be stuck in a catch 22 until the SPIFFS binary is deleted from server.

I tried to make this modification but it is not enough. The good thing is that the underlying ESP32 OTA function support SPIFFS update, it just needs a flag.

  // check contentLength and content type
    if (contentLength && isValidContentType)
    {
        // Check if there is enough to OTA Update
		if(spiffsFlag) {
			canBegin = Update.begin(contentLength,true);
		} else {
			canBegin = Update.begin(contentLength);
		}			

        // If yes, begin
        if (canBegin)
        {
			if(spiffsFlag) {
				Serial.println("Begin SPIFFS OTA...");
			} else {
				Serial.println("Begin FW OTA...");
			}	

Thank you for opening an issue on an esp32OTA Arduino library repository. To
improve the speed of resolution please review the following guidelines and
common troubleshooting steps below before creating the issue:

• Do not use GitHub issues for troubleshooting projects and issues. GitHub issues
  are meant for known defects in the code. If you don't know if there is a defect
  in the code then start with troubleshooting on the forum first.

• If following a tutorial or guide be sure you didn't miss a step. Carefully
  check all of the steps and commands to run have been followed. Consult the
  forum if you're unsure or have questions about steps in a guide/tutorial.

• For Arduino projects check these very common issues to ensure they don't apply:

  • For uploading sketches or communicating with the board make sure you're using
    a USB data cable and not a USB charge-only cable. It is sometimes
    very hard to tell the difference between a data and charge cable! Try using the
    cable with other devices or swapping to another cable to confirm it is not
    the problem.

  • Be sure you are supplying adequate power to the board. Check the specs of
    your board and plug in an external power supply. In many cases just
    plugging a board into your computer is not enough to power it and other
    peripherals.

  • Double check all soldering joints and connections. Flakey connections
    cause many mysterious problems. See the guide to excellent soldering for examples of good solder joints.

If you're sure this issue is a defect in the code and checked the steps above
please fill in the following fields to provide enough troubleshooting information.
You may delete the guideline and text above to just leave the following details:

• Arduino board: ESP32

• Arduino IDE version (found in Arduino -> About Arduino menu): 1.8.10

-I created the class secureEsp32FOTA, that can operate over https. I cloned the project and created a nwe branch, adding the class to the code as well as an example. I am not able to push the branch so as to create a Pull Request: could you please give me this possibility?

Hi, First of all, thanks for doing such a great job on the library. It worked for me on the first attempt. Just need help with getting LITTLEFS working. Do you have an example I can follow? Thanks in advance. I am in great need of getting LITTLEFS working. :-)

#47

Hi , just discover your library , installed it and created a simple sketch to test it but it never do the execOTA() because execHTTPcheck() everytime return 0
i'm using a lilygo t-pcie with a simcom 7600 lte module , also with forceUpdate() it never do the update.
i have tested the server via a smartphone and i was able to get to the json file
board is connected to internet via Vodafone LTE metwork and i have an ubuntu server with ngnix setup to host json file and bin firmware file
can you help me debug to find where is the problem ?