I find the ESP32 much easier to develop for, you don't need to install any toolchains, just plug in and drop code into the virtual USB drive that shows up! I wish all microcontrollers were like that these days.
That sounds like a very specific bootloader that you're using
ESP-IDF is still very nice though, and being CMake-based makes it easy to integrate outside code
It supports serial-based uploads, which are still pretty nice with the bundled serial monitor (one key combo to build, upload, and restart) and OTA uploads
Oh sure, but it's still way better than the last time I had to deal with an STM32 and install about 5 different things, modify a "boards.txt" file (which there were 3 copies of on my system in different places and I had no idea which was the real one) and then hit the program button with one hand with a mouse in the air while carefully timing a short of a reset trace on a PCB with the other with my elbow holding down the PCB. STM32s really suck. Never had to do that with an ESP32, at least someone made a nice bootloader for it.
I never coded on Espressif, but in other SDKs (e.g., mosquitto, mbedtls) typically this is done when you open the connection at the application layer (HTTPS, MQTTS). You pass in the cert bytes either as binary or PEM text as a char[]. Use a CA root cert(s) from your OS/browser.
It depends on whether you want to connect to random hosts or ones that you know beforehand. The latter is very easy, I just hardcode the certificate fingerprint. The former/dealing with CAs is harder, I've never done it.
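The fingerprint pinning described in the last comment, as an added example that is not part of the original thread or any commenter's code: it checks a peer certificate's SHA-256 digest against hardcoded pins in the colon-separated hex form that tools display. It assumes the TLS library has already computed the digest of the peer's DER certificate; the pin values are constructed, and the names `PINNED`, `parse_fingerprint` and `cert_is_pinned` are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FP_LEN 32 /* SHA-256 digest size in bytes */
/* Constructed sample pins, not real certificates: the current certificate and
 * a backup, so that a renewal does not lock deployed devices out. */
static const char *const PINNED[] = {
    "00:01:02:03:04:05:06:07:08:09:0A:0B:0C:0D:0E:0F:"
    "10:11:12:13:14:15:16:17:18:19:1A:1B:1C:1D:1E:1F",
    "ff:fe:fd:fc:fb:fa:f9:f8:f7:f6:f5:f4:f3:f2:f1:f0:"
    "ef:ee:ed:ec:eb:ea:e9:e8:e7:e6:e5:e4:e3:e2:e1:e0",
};

static int hexval(char c) {
    if (c >= '0' && c <= '9') return c - '0';
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    if (c >= 'A' && c <= 'F') return c - 'A' + 10;
    return -1;
}

/* Parse "AA:BB:..." (exactly 32 bytes) into out; 0 on success, -1 if malformed. */
int parse_fingerprint(const char *s, uint8_t out[FP_LEN]) {
    for (int i = 0; i < FP_LEN; i++) {
        int hi = hexval(s[0]);
        int lo = hi < 0 ? -1 : hexval(s[1]); /* never read past the terminator */
        if (lo < 0) return -1;
        out[i] = (uint8_t)((hi << 4) | lo);
        s += 2;
        if (i + 1 < FP_LEN && *s++ != ':') return -1;
    }
    return *s == '\0' ? 0 : -1; /* reject trailing data */
}

/* 1 if digest (SHA-256 of the peer's DER certificate) equals any pin, else 0. */
int cert_is_pinned(const uint8_t digest[FP_LEN]) {
    uint8_t pin[FP_LEN];
    for (size_t p = 0; p < sizeof PINNED / sizeof PINNED[0]; p++)
        if (parse_fingerprint(PINNED[p], pin) == 0 && memcmp(pin, digest, FP_LEN) == 0)
            return 1; /* a malformed pin is skipped and never matches */
    return 0;
}

int main(void) {
    uint8_t digest[FP_LEN]; /* constructed stand-in for the peer certificate's SHA-256 */
    for (int i = 0; i < FP_LEN; i++) digest[i] = (uint8_t)i;
    printf("pinned=%d\n", cert_is_pinned(digest));
    return 0;
}
```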