thanks baumeistererde and now it works
Okay next problem:
The situation
I got the Bin file via browser.
i extracted the client certs via
“teddycloud ESP32CERT extract data/firmware/ESP32_.bin certs/client”
INFO |settings.c:0623:settings_load_ovl()| Load settings from config/config.overlay.ini
INFO |settings.c:0623:settings_load_ovl()| Load settings from config/config.ini
INFO |tls_adapter.c:0208:read_certificate()| File 'certs/server/ca-root.pem' assumed PEM style
INFO |tls_adapter.c:0205:read_certificate()| File 'certs/server/ca-key.pem' detected as DER style RSA PRIVATE KEY
INFO |tls_adapter.c:0208:read_certificate()| File 'certs/server/teddy-cert.pem' assumed PEM style
INFO |tls_adapter.c:0205:read_certificate()| File 'certs/server/teddy-key.pem' detected as DER style RSA PRIVATE KEY
ERROR|tls_adapter.c:0193:read_certificate()| Failed to open 'certs/client/ca.der' for cert type detection
ERROR|tls_adapter.c:0375:load_cert()| Loading cert 'certs/client/ca.der' failed
ERROR|tls_adapter.c:0193:read_certificate()| Failed to open 'certs/client/client.der' for cert type detection
ERROR|tls_adapter.c:0375:load_cert()| Loading cert 'certs/client/client.der' failed
ERROR|tls_adapter.c:0193:read_certificate()| Failed to open 'certs/client/private.der' for cert type detection
ERROR|tls_adapter.c:0375:load_cert()| Loading cert 'certs/client/private.der' failed
INFO |settings.c:0623:settings_load_ovl()| Load settings from config/config.overlay.ini
INFO |tls_adapter.c:0387:tls_adapter_init()| Loading certificates...
INFO |tls_adapter.c:0208:read_certificate()| File 'certs/server/ca-root.pem' assumed PEM style
INFO |tls_adapter.c:0205:read_certificate()| File 'certs/server/ca-key.pem' detected as DER style RSA PRIVATE KEY
INFO |tls_adapter.c:0208:read_certificate()| File 'certs/server/teddy-cert.pem' assumed PEM style
INFO |tls_adapter.c:0205:read_certificate()| File 'certs/server/teddy-key.pem' detected as DER style RSA PRIVATE KEY
ERROR|tls_adapter.c:0193:read_certificate()| Failed to open 'certs/client/ca.der' for cert type detection
ERROR|tls_adapter.c:0375:load_cert()| Loading cert 'certs/client/ca.der' failed
ERROR|tls_adapter.c:0193:read_certificate()| Failed to open 'certs/client/client.der' for cert type detection
ERROR|tls_adapter.c:0375:load_cert()| Loading cert 'certs/client/client.der' failed
ERROR|tls_adapter.c:0193:read_certificate()| Failed to open 'certs/client/private.der' for cert type detection
ERROR|tls_adapter.c:0375:load_cert()| Loading cert 'certs/client/private.der' failed
INFO |esp32.c:0547:esp32_get_partition()| Search for partition 'assets'
INFO |esp32.c:0566:esp32_get_partition()| Found partition 'assets' at 0x00f000
INFO |esp32.c:0350:esp32_fat_extract_folder()| Write 'CERT\CA.DER to 'certs/client/CA.DER' (1419 bytes)
INFO |esp32.c:0350:esp32_fat_extract_folder()| Write 'CERT\CLIENT.DER to 'certs/client/CLIENT.DER' (1030 bytes)
INFO |esp32.c:0350:esp32_fat_extract_folder()| Write 'CERT\PRIVATE.DER to 'certs/client/PRIVATE.DER' (1191 bytes)
and made them lower case
I dragged and droped the .der files into the teddycloud front end into the client certificate upload section
i renamed the teddycloud host name and pressed patch image. → succesfull until now
The problem:
if i press flash esp32 (patched) now the browser got stuck at connecting to esp. I have to refresh the browser and diconect the UART connecter and diconect the box from electricity. Connect everything again. And then i can start the process again just to be stuck again at the same step.
Same problem with load file.
My well educated (just kidding) guess is that the first request to load the file or read the esp chip blocks future serial connections. Any workaround?
I tried both UART adapters i have, i tried chrome and edge, all with the same results.
thanks again
M4x
I was stuck with the same problem. In the end it somehow worked. Im not sure why and how.
The things i did and maybe work for you:
- refresh browser
- connect everything again
- do the “load file” thing (i selected the firmware it originally got from the esp)
- then i got stuck
- did NOT refresh browser
- disconnect uart things
- connect them again (and power up again)
- and then i could do the flashing via Browser (did work on second try only :D)
I hope this works for you also.
sadly no.
what ever sequence i try i will end up with
Failed to communicate: Failed to execute 'open' on 'SerialPort': Failed to open serial port.
while trying to flash the pached file
Here two things you can try.
If you want to do in the browser:
Disconnect UART from USB, reconnect ist.
Restart box in in debug mode.
Go to the webinterface and LOAD the patched firmwarefile it’s located under
/var/lib/docker/volumes/docker_firmware/_data
when you use docker, please check the correct directory for your case, the filename is
patched_[MACADRESS].bin, now you should be able flash the image.
Another way would be: Use the esptool:
esptool.py -b 921600 write_flash 0x0 patched[MACADRESS].bin
I experienced, everytime I read the image, I need to reconnect the UART or it will be locked.
Thanks again. at the end i used the browser to read and patch the firmware and the esptool to flash it back.
But jeah this worked.
Remember to keep a backup of the original fw dump and have fun with teddycloud
I would skip the git clone and build, and just download the docker compose file. It is not needed to build teddyCloud, as it is downloaded from the repo anyway with the provided dockerdfile.
Guess this will do the job.
Thanks for sharpening the documentation.
- Added some more structure and some word about how to update the containers :).
- Fixed the wget link for docker-compose.yaml, shout out to Simon for pointing me to this fauxpas.
Thank you for your effort! What do you use to shorten the J100 Jumper? I only know the jumpers on mainboards, which have pins?
Curved tweezers, but anything that conducts electricity works
If you are able to solder, i would recomment to solder a 2-pin pin header to J100.
Then you can use a common jumper to close it.
During normal operation you put the jumper to a singel pin only.
Isn’t this a little overload? Normally you don’t use this jumper regularly
I am currently in the process of getting docker-compose up and running.
The first time the page is called up, the message “Select certificate” appears. There I get a suggestion from MS-Organization-Access. When I select this, the following message appears.
Now the following message appears in the browser:
Error 401
Unauthorized
The logs show the following:
INFO |server.c:0701:server_init| 2 open HTTPS connections
WARN |tls_server_fsm.c:0260:tlsPerformServerHandshake| TLS handshake failure!
INFO |server.c:0701:server_init| 1 open HTTPS connections
WARN |server_helpers.c:0817:httpServerUriUnauthorizedCallback| >> 401 on index.shtm
With http via port 80 it works without any problems.
Hi,
Besides disabling http only you should also disable https auth cert. Then it should work fine.
Thanks for that guide.
I‘m having a weird problem: When downloading the dump via browser or via esptool. The connction times out randomly during the dump. I already replaced/resoldered the UART wires and replaced the UART/USB Adapter with a second brand. Serial monitor connects without any problem.
I nearly did 20 runs to finally get one complete
dump. Interesting side fact, I was only able to connect @ bautrate 115200.
I‘m now a bit worried to overwrite the flash as you might imagine.
Anyone a clue what could be the cause and how I could get rid off?
> esptool.py -b 115200 --port /dev/cu.usbserial-110 read_flash 0x0 0x80000 tb.esp32.bin
esptool.py v4.7.0
Serial port /dev/cu.usbserial-110
Connecting....
Detecting chip type... ESP32-S3
Chip is ESP32-S3 (QFN56) (revision v0.2)
Features: WiFi, BLE
Crystal is 40MHz
MAC: 3c:84:27:02:bb:ac
Uploading stub...
Running stub...
Stub running...
118784 (22 %)
A fatal error occurred: Corrupt data, expected 0x1000 bytes but received 0xfba bytes
You tried a different USB port or computer?
How you power your box?