strictcertmode is disabled by default. SSL is used, but limited validation of the certificate will be performed. If strictcertmode is enabled, then the server’s certificate must have already been uploaded to the server so that the certificate signatures can be validated when the server certificate is presented during the SSL handshake.
To enable strictcertmode, type the following:
-> set getcertfile=tftp://
IP_ address/file-path/filename