ESP8266 ota over HTTPS

ESP8266httpsUpdate.ino

/*
    OTA update over HTTPS
    
    As an example, we download and install ESP8266Basic firmware from github.
    
    Requires latest git version of the core (November 17, 2015)
    
    Created by Ivan Grokhotkov, 2015.
    This example is in public domain.
*/

#include <ESP8266WiFi.h>
#include <WiFiClientSecure.h>
#include <FS.h>
#include "ESP8266httpUpdate.h"

const char* ssid = "..............";
const char* password = "..............";

const char* host = "raw.githubusercontent.com";
const int httpsPort = 443;

// Use web browser to view and copy
// SHA1 fingerprint of the certificate
const char* fingerprint = "B0 74 BB EF 10 C2 DD 70 89 C8 EA 58 A2 F9 E1 41 00 D3 38 82";

const char* url = "/esp8266/Basic/master/Flasher/Build/4M/ESP8266Basic.cpp.bin";

void setup() {
  Serial.begin(115200);
  Serial.setDebugOutput(true);
  WiFi.mode(WIFI_STA);
  delay(5000);
  Serial.println();
  Serial.print("connecting to ");
  Serial.println(ssid);

  if (WiFi.SSID() != ssid) {
    WiFi.begin(ssid, password);
  }
  while (WiFi.status() != WL_CONNECTED) {
    delay(500);
    Serial.print(".");
  }
  Serial.println("");
  Serial.println("WiFi connected");
  Serial.println("IP address: ");
  Serial.println(WiFi.localIP());

  // configure time
  configTime(3 * 3600, 0, "pool.ntp.org");

  // Use WiFiClientSecure class to create TLS connection
  WiFiClientSecure client;
  Serial.print("connecting to ");
  Serial.println(host);
  if (!client.connect(host, httpsPort)) {
    Serial.println("connection failed");
    return;
  }

  if (client.verify(fingerprint, host)) {
    Serial.println("certificate matches");
  } else {
    Serial.println("certificate doesn't match");
    return;
  }

  Serial.print("Starting OTA from: ");
  Serial.println(url);
  
  auto ret = ESPhttpUpdate.update(client, host, url);
  // if successful, ESP will restart
  Serial.println("update failed");
  Serial.println((int) ret);
}

void loop() {
}