diff --git a/components/esp-tls/Kconfig b/components/esp-tls/Kconfig
index 297a357b6d..a12c501177 100644
--- a/components/esp-tls/Kconfig
+++ b/components/esp-tls/Kconfig
@@ -115,4 +115,20 @@ menu "ESP-TLS"
         help
             Enable detailed debug prints for wolfSSL SSL library.
 
+    config ESP_TLS_OCSP_CHECKALL
+        bool "Enabled full OCSP checks for ESP-TLS"
+        depends on ESP_TLS_USING_WOLFSSL
+        default y
+        help
+            Enable a fuller set of OCSP checks: checking revocation status of intermediate certificates,
+            optional fallbacks to CRLs, etc.
+
+    config ESP_TLS_DYN_BUF_STRATEGY_SUPPORTED
+        bool
+        default y
+        help
+            Enable support for dynamic buffer strategy for ESP-TLS. This is the hidden config option kept
+            for external components like OTA, to find out whether the dynamic buffer strategy is supported
+            for particular ESP-IDF version.
+
 endmenu