esp-idf/components/esp_https_ota/Kconfig

menu "ESP HTTPS OTA"

    config ESP_HTTPS_OTA_DECRYPT_CB
        bool "Provide decryption callback"
        default n
        help
            Exposes an additional callback whereby firmware data could be decrypted
            before being processed by OTA update component. This can help to integrate
            external encryption related format and removal of such encapsulation layer
            from firmware image.

    config ESP_HTTPS_OTA_ALLOW_HTTP
        bool "Allow HTTP for OTA (WARNING: ONLY FOR TESTING PURPOSE, READ HELP)"
        default n
        help
            It is highly recommended to keep HTTPS (along with server certificate validation) enabled.
            Enabling this option comes with potential risk of:
            - Non-encrypted communication channel with server
            - Accepting firmware upgrade image from server with fake identity

    config ESP_HTTPS_OTA_EVENT_POST_TIMEOUT
        int "Time in millisecond to wait for posting event"
        default 2000
        help
            This config option helps in setting the time in millisecond to wait for event to be posted to the
            system default event loop. Set it to -1 if you need to set timeout to portMAX_DELAY.

endmenu