“Once you deploy your IoT device, you won’t have physical access to reprogram or update it. It is critical to plan ahead and to have a secure mechanism for updating your embedded system or IoT device. Sometimes you will have the requirement to update your IoT device because of a new feature update, security issues, bugs, you did not have enough time to finish something on time and you had to ship your device and etc.
Since we want to rely on existing and working software platforms, in this tutorial I will use the NGINX as a web server, “encrypted” traffic by an SSL certificate from Let’s Encrypt. I will use my test domain on lab4iot.site, I will describe everything in a step-by-step manner so that anyone can replicate and follow it. First, I will describe how to set up your domain and web server, then we will proceed with the ESP32 code. I present you with a basic Let’s Encrypt setup, it is not a production-ready setup but rather something to start you of. Let’s call it a proof of concept. The core point of the article is on the ESP32 part, however, the webserver setup is required. Keep that in mind!”