https://devzone.nordicsemi.com/f/nordic-q-a/58664/nrf9160-fota-over-httpsHi, I&#39;ve been skimming through the NRF9160 FOTA samples and related libraries(1.1 and master) and having hard time to understand some of the basics. My assumptions are: 1) It looks like fota_download library does not support TLS at all(sec_tagen-USTelligent Community 13Thu, 05 Mar 2020 12:16:29 GMThttps://devzone.nordicsemi.com/thread/238270?ContentTypeID=1Thu, 05 Mar 2020 12:16:29 GMT137ad170-7792-4731-bb38-c0d22fbe4515:d09f6397-d478-45c4-8315-fafbac7e2303fastfox<p>Yep, thanks. That is pretty much what I have been trying to do for few hours now.</p> <p></p> <p>Just struggling with unknown CA problems, even though there is another active TLS connection using the same CA cert while download client TLS fails. But that is another story.&nbsp;</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/238214?ContentTypeID=1Thu, 05 Mar 2020 09:53:33 GMT137ad170-7792-4731-bb38-c0d22fbe4515:53a53c91-4e33-4d0c-b7f8-33902954152bMartin Lesund<p>Hi Fastfox,<br />Thank you for pointing that out.&nbsp;</p> <p>By the way, we happily would like contributions to expand our libraries in NCS so that the libraries can be more flexible for your use-case.<br />(Ther is a <a href="https://github.com/NordicPlayground/fw-nrfconnect-nrf/pull/1873" rel="noopener noreferrer" target="_blank">Pull request on the User Guide </a>on how developers can contribute to NCS)<br /><br />There was just pushed out a Pull request based on what you have mentioned:<a href="https://github.com/NordicPlayground/fw-nrfconnect-nrf/pull/1986" rel="noopener noreferrer" target="_blank"></a></p> <ul> <li><a href="https://github.com/NordicPlayground/fw-nrfconnect-nrf/pull/1982" rel="noopener noreferrer" target="_blank">Add option to define security tag for TLS</a></li> </ul> <p></p> <p></p> <hr /> <p>If you need more control over how the HTTP requests look like, then<br />a&nbsp;suggestion is that you could build your own FOTA library based on <a href="https://docs.zephyrproject.org/latest/reference/kconfig/CONFIG_HTTP_CLIENT.html?highlight=http_client" rel="noopener noreferrer" target="_blank">HTTP_CLIENT</a>and in a combination with the <a href="http://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrf/include/dfu/dfu_target.html?highlight=dfu%20target" rel="noopener noreferrer" target="_blank">DFU TARGET</a>.&nbsp;</p> <p></p> <p><a href="https://github.com/NordicPlayground/fw-nrfconnect-nrf/pull/1982" rel="noopener noreferrer" target="_blank"></a></p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/238031?ContentTypeID=1Wed, 04 Mar 2020 12:50:28 GMT137ad170-7792-4731-bb38-c0d22fbe4515:e1c44657-664e-43bb-8f70-1ff04557e6cffastfox<p>Hi,</p> <p></p> <p>Thanks for prompt reply.</p> <p></p> <p>So basically the answer is that I should&nbsp;butcher fota&nbsp;lib to get HTTPS and&nbsp;butcher download client to get the headers, right?</p> <p></p> <p>What about the roadmap. IMHO, those libraries should have APIs that can be used to configure such stuff instead of having to fork and rewrite the code.</p><div style="clear:both;"></div>https://devzone.nordicsemi.com/thread/238024?ContentTypeID=1Wed, 04 Mar 2020 12:38:26 GMT137ad170-7792-4731-bb38-c0d22fbe4515:81ae049d-1821-4fb1-85b5-6d4bd9d88386Martin Lesund<p><span>Hi Fastfox,</span></p> <p><span>By default, the <a href="https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrf/include/net/fota_download.html" rel="noopener noreferrer" target="_blank">FOTA download library</a> uses HTTP for downloading the firmware file. </span></p> <p><span>To use HTTPS instead, apply the changes described in&nbsp;</span><a href="https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrf/include/net/download_client.html#download-client-https"><span>the HTTPS section of the download client documentation</span></a><span>&nbsp;to the library.</span></p><div style="clear:both;"></div>