Kevin

Creator of Deploy the Fleet

1 minute read

Version 1.0.7 of DTF_ESP32Update released.

This update addresses the issues uncovered by our recent service issue and also contains a few feature improvements.

This version can be added directly through your favorite Arduino IDE or can be access directly from our Github release page.

Improved TLS Certificate Handling

The major improvement in this library is around handling of TLS certificates used to connect to the DTF OTA Service. The library now uses the Let’s Encrypt ISRG Root X1 certificate as the main pinned certificate to connect to the service. This is intended to prevent issues from certificate updates on the Deploy the Feet domain which happen regularly as per industry best practices.

Failover Domain

Because TLS certificates rotate so frequently (typically every 3 months) some IoT devices can run into issues, especially if they remain in deep sleep mode for extended periods of time. A device might wake up and find the certificate presented by Deploy the Fleet or any other internet service has changed. This results in a connection failure.

The new version of the library will automatically failover to a backup domain which utilizes a TLS certificate that is owned and operated by Deploy the Fleet. It doesn’t expire until the year 2034. This means Deploy the Fleet will be unaffected by TLS certificate policy changes by 3rd parties and also ensures that, even in this failover mode, updates are delivered securely over an encrypted connection.

Prevent Reboot on Successful Update

Previous versions of the library would automatically reboot your device after a successful update. With the new version you can pass an argument to the update function to prevent automatic reboot.

DTF_ESP32Update::getFirmwareUpdate(DTF_UPDATE_URL, "CURRENT_VERSION.c_str()", DTF_RebootOption::NO_REBOOT);

Certificate Bundle Tracking

The library now sends a certificate bundle identifier to let the Deploy the Fleet Service know what certificates are being used by the device to validate TLS connections. In a future update to the Deploy the Fleet Management Console this information will be shown to help you know when devices are getting close to a certificate expiration date.

Improved Logging

The library now uses the native Arduino Core library logging functions. This means when you change the default log level in your IDE it will automatically adjust the logging level of the DTF library.

Updated:

You may also enjoy

DTF SDK Initial Release

less than 1 minute read

To simplify integration with IDF-native projects, we have created the Deploy the Fleet SDK component.

New Status Page

less than 1 minute read

New status page reports on the availability of all services and connection status of all libraries.

Service Degraded

2 minute read

Deploy the Fleet OTA services are currently degraded. This post will be used to track updates.

Wi-Fi Security Advisory

less than 1 minute read

In case you missed it, Espressif announced a major Wi-Fi security vulnerability affecting all ESP32 chips with Wi-Fi. When an ESP32 or ESP8266 SoC is con...