Onno-Dirkzwager
commented
6 years ago Hi @yknivag I must have missed you on Discord. Good questions!
-
For the config pages. We made an hybrid cloud webapp. This gets the css, js and most of html pages from the IAS "cloud". And first time devices also use the browser to setup an httpS connection for device registration. (your browser acts as a relay between IAS and your esp) When in "captive portal" mode the browser only has access to the esp and not to the internet. In a future release we will give you the option to use a static SPIFFS version of the config pages which might (depending on features) be able to run in the "captive portal"
-
Currently there is no fallback. You are right about the compile time option with the #define. The esp8266 config pages have a page for updating the fingerprint. For the esp32 I'm currently working on a config page which lets you update the RootCA and save it to spiffs. (maby you could help by testing a beta in a couple of days?)
-
ESP-IDF? Not yet! We started out with the Arduino IDE as most of our users are here. 2.0.1 made it compatible for compiling with PlatformIO. ESP-IDF requires a full port of the library. Our ota server however does not care wat kind of device "platform" calls home. As long as it provides the necessary headers and accepts .bin files in return. If you are already working in the ESP-IDF and can initiate an ota update we will help you get it compatible with our services! Just ask.....
Sounds like you have an interesting project! I have had several projects trying to help disabled people. And would like to offer my help where ever you need it.
I hope my answers made sense and help!?
yknivag
Hello, apologies if someone has asked these questions or there are details somewhere in the documentation, I couldn't find anything. I posted this in Discord but no-one replied there so I have posted here also.
Is it possible to set the IAS configuration website to be a "captive portal" when the device is in AP mode? So that it behaves like WiFiManager and prompts for sign-in?
Also is there anyway to use HTTPS but to fall back to HTTP if that fails? Or is HTTP/HTTPS only a compile time option with the #define? Either that or to set HTTPS to retry without cert verification if it fails? Only if there isn't a way to fail-over then if the SSL certificate ever changes it will no longer be possible to update automatically (especially on ESP32 for which there is an embedded RootCA in the code) rendering the device stuck until it can be retrieved for manual re-programming
I know that the RootCA will last longer than the site cert but that is only relevant if any replacement/renewed site cert is issued against the same root and that isn't always the case with many providers - many providers start issuing against new root CAs significantly before the expiry of the old to ensure a smooth crossover and some large providers issue against a pool of roots to minimise the impact of having a revoke one.
One final question - is it possible to use IAS for a project build with the full ESP-IDF rather than in the Arduino IDE?
The project I'm intending for this will use an ESP32 and be built outside the Arduino environment as that doesn't yet support the required ESP-ADF. The project is intended for use by people with severe visual disability and so reliable remote updates with no user interaction are important.
Hopefully someone can help?