diff --git a/ports/zephyr/Kconfig b/ports/zephyr/Kconfig
index 7abde6d49..25af3ebe5 100644
--- a/ports/zephyr/Kconfig
+++ b/ports/zephyr/Kconfig
@@ -174,6 +174,14 @@ config MEMFAULT_HTTP_PERIODIC_UPLOAD_INTERVAL_SECS
 
 endif # MEMFAULT_HTTP_ENABLE
 
+config MEMFAULT_SINGLE_CERT_FILE
+        bool "use a single CA cert file with all certs inside it"
+        default n
+
+config MEMFAULT_TLS_OFFLOAD
+        bool "TLS will be handled by offload"
+        default n
+
 config MEMFAULT_EVENT_STORAGE_SIZE
        int "Memfault Event Storage RAM Buffer Size"
        default 1024
diff --git a/ports/zephyr/common/memfault_logging.c b/ports/zephyr/common/memfault_logging.c
index b912495f3..c3c997064 100644
--- a/ports/zephyr/common/memfault_logging.c
+++ b/ports/zephyr/common/memfault_logging.c
@@ -40,7 +40,7 @@ static void prv_log_put_sync_string(const struct log_backend *const backend,
                             struct log_msg_ids src_level, uint32_t timestamp,
                             const char *fmt, va_list ap);
 static void prv_log_panic(struct log_backend const *const backend);
-static void prv_log_init(void);
+static void prv_log_init(const struct log_backend * const backend);
 static void prv_log_dropped(const struct log_backend *const backend, uint32_t cnt);
 const struct log_backend_api log_backend_mflt_api = {
   .put              = IS_ENABLED(CONFIG_LOG_IMMEDIATE) ? NULL : prv_log_put,
@@ -115,7 +115,7 @@ static void prv_log_panic(struct log_backend const *const backend) {
 }
 
 // Zephyr will call our init function so we can establish some storage.
-static void prv_log_init(void) {
+static void prv_log_init(const struct log_backend * const backend) {
   // static RAM storage where logs will be stored. Storage can be any size
   // you want but you will want it to be able to hold at least a couple logs.
   static uint8_t s_mflt_log_buf_storage[CONFIG_MEMFAULT_LOGGING_RAM_SIZE];
diff --git a/ports/zephyr/common/memfault_platform_http.c b/ports/zephyr/common/memfault_platform_http.c
index 2b6e1cd76..295c07a1a 100644
--- a/ports/zephyr/common/memfault_platform_http.c
+++ b/ports/zephyr/common/memfault_platform_http.c
@@ -28,7 +28,7 @@
 #include "memfault/http/utils.h"
 #include "memfault/panics/assert.h"
 
-#if CONFIG_MBEDTLS
+#if CONFIG_MBEDTLS && !CONFIG_MEMFAULT_TLS_OFFLOAD
 
 // Sanity check that SNI extension is enabled when using Mbed TLS since as of 2.4 Zephyr doesn't
 // enable it by default
@@ -115,10 +115,14 @@ static bool prv_send_data(const void *data, size_t data_len, void *ctx) {
 }
 
 static int prv_configure_tls_socket(int sock_fd, const char *host) {
+#if CONFIG_MEMFAULT_SINGLE_CERT_FILE
+  const sec_tag_t sec_tag_opt[] = {kMemfaultRootCert_DigicertRootG2 };
+#else
   const sec_tag_t sec_tag_opt[] = {
     kMemfaultRootCert_DigicertRootG2, kMemfaultRootCert_DigicertRootCa,
     kMemfaultRootCert_CyberTrustRoot,
     kMemfaultRootCert_AmazonRootCa1 };
+#endif
   int rv = setsockopt(sock_fd, SOL_TLS, TLS_SEC_TAG_LIST, sec_tag_opt, sizeof(sec_tag_opt));
   if (rv != 0) {
     return rv;