ESP HTTPS OTA

Overview

esp_https_ota provides simplified APIs to perform firmware upgrades over HTTPS. It’s an abstraction layer over existing OTA APIs.

Application Example

esp_err_t do_firmware_upgrade()
{
    esp_http_client_config_t config = {
        .url = CONFIG_FIRMWARE_UPGRADE_URL,
        .cert_pem = (char *)server_cert_pem_start,
    };
    esp_err_t ret = esp_https_ota(&config);
    if (ret == ESP_OK) {
        esp_restart();
    } else {
        return ESP_FAIL;
    }
    return ESP_OK;
}

Signature Verification

For additional security, signature of OTA firmware images can be verified. For that, refer Secure OTA Updates Without Secure boot

API Reference

Functions

esp_err_t esp_https_ota(const esp_http_client_config_t *config)

HTTPS OTA Firmware upgrade.

This function performs HTTPS OTA Firmware upgrade

Note
For secure HTTPS updates, the cert_pem member of config structure must be set to the server certificate.
Return
  • ESP_OK: OTA data updated, next reboot will use specified partition.
  • ESP_FAIL: For generic failure.
  • ESP_ERR_OTA_VALIDATE_FAILED: Invalid app image
  • ESP_ERR_NO_MEM: Cannot allocate memory for OTA operation.
  • ESP_ERR_FLASH_OP_TIMEOUT or ESP_ERR_FLASH_OP_FAIL: Flash write failed.
  • For other return codes, refer OTA documentation in esp-idf’s app_update component.
Parameters