diff --git a/perl-xCAT/xCAT/Client.pm b/perl-xCAT/xCAT/Client.pm
index c6966e978..467e703d0 100644
--- a/perl-xCAT/xCAT/Client.pm
+++ b/perl-xCAT/xCAT/Client.pm
@@ -249,6 +249,7 @@ if (ref($request) eq 'HASH') { # the request is an array, not pure XML
     SSL_cert_file => $certfile,
     SSL_ca_file => $cafile,
     SSL_verify_mode => SSL_VERIFY_PEER,
+    SSL_verifycn_scheme => "none",
     SSL_use_cert => 1,
     Timeout => 0,
     %sslargs,
diff --git a/xCAT-client/bin/pasu b/xCAT-client/bin/pasu
index 2027ef1aa..c04d9b59f 100755
--- a/xCAT-client/bin/pasu
+++ b/xCAT-client/bin/pasu
@@ -242,7 +242,8 @@ sub expandnoderange {
                 SSL_cert_file=>$homedir."/.xcat/client-cred.pem",
                 SSL_ca_file => $homedir."/.xcat/ca.pem",
                 SSL_use_cert => 1,
-                SSL_verify_mode => 1,
+                SSL_verify_mode => SSL_VERIFY_PEER,
+                SSL_verifycn_scheme => "none",
                 %sslargs,
              );
   die "Connection failure: $!\n" unless ($client);
@@ -297,7 +298,8 @@ sub getipmiattrs {
                 SSL_cert_file=>$homedir."/.xcat/client-cred.pem",
                 SSL_ca_file => $homedir."/.xcat/ca.pem",
                 SSL_use_cert => 1,
-                SSL_verify_mode => 1,
+                SSL_verify_mode => SSL_VERIFY_PEER,
+                SSL_verifycn_scheme => "none",
                 %sslargs,
              );
   die "Connection failure: $!\n" unless ($client);
diff --git a/xCAT-client/bin/pping b/xCAT-client/bin/pping
index e82da4313..5193acd0e 100755
--- a/xCAT-client/bin/pping
+++ b/xCAT-client/bin/pping
@@ -72,7 +72,8 @@ else { 		# the normal case of the user running the cmd - expand the noderange us
                 SSL_cert_file=> xCAT::Utils->getHomeDir()."/.xcat/client-cred.pem",
                 SSL_ca_file =>  xCAT::Utils->getHomeDir()."/.xcat/ca.pem",
                 SSL_use_cert => 1,
-                SSL_verify_mode => 1,
+                SSL_verify_mode => SSL_VERIFY_PEER,
+                SSL_verifycn_scheme => "none",
 		%sslargs,
              );
 	die "Connection failure: $!\n" unless ($client);
diff --git a/xCAT-client/bin/ppping b/xCAT-client/bin/ppping
index a5371ec26..4ad7b21f2 100755
--- a/xCAT-client/bin/ppping
+++ b/xCAT-client/bin/ppping
@@ -90,6 +90,7 @@ my $client = IO::Socket::SSL->new(
                 SSL_use_cert => 1,
 		%sslargs,
                 SSL_verify_mode => SSL_VERIFY_PEER,
+                SSL_verifycn_scheme => "none",
              );
 die "Connection failure: $!\n" unless ($client);
 my %cmdref = (command => 'noderange', noderange => $noderange);
diff --git a/xCAT-client/bin/prsync b/xCAT-client/bin/prsync
index b1bc0be50..049de4b7e 100755
--- a/xCAT-client/bin/prsync
+++ b/xCAT-client/bin/prsync
@@ -74,7 +74,8 @@ my $client = IO::Socket::SSL->new(
                 SSL_cert_file=>$homedir."/.xcat/client-cred.pem",
                 SSL_ca_file => $homedir."/.xcat/ca.pem",
                 SSL_use_cert => 1,
-                SSL_verify_mode => 1,
+                SSL_verify_mode => SSL_VERIFY_PEER,
+                SSL_verifycn_scheme => "none",
                 %sslargs,
              );
 die "Connection failure: $!\n" unless ($client);
diff --git a/xCAT-client/bin/pscp b/xCAT-client/bin/pscp
index 51603f1d1..60b33fa2e 100755
--- a/xCAT-client/bin/pscp
+++ b/xCAT-client/bin/pscp
@@ -71,7 +71,8 @@ my $client = IO::Socket::SSL->new(
                 SSL_cert_file=>$homedir."/.xcat/client-cred.pem",
                 SSL_ca_file => $homedir."/.xcat/ca.pem",
                 SSL_use_cert => 1,
-                SSL_verify_mode => 1,
+                SSL_verify_mode => SSL_VERIFY_PEER,
+                SSL_verifycn_scheme => "none",
                 %sslargs,
              );
 die "Connection failure: $!\n" unless ($client);
diff --git a/xCAT-client/bin/psh b/xCAT-client/bin/psh
index ef00375b6..03f53a7e2 100755
--- a/xCAT-client/bin/psh
+++ b/xCAT-client/bin/psh
@@ -71,7 +71,8 @@ else {
                 SSL_cert_file=>$homedir."/.xcat/client-cred.pem",
                 SSL_ca_file => $homedir."/.xcat/ca.pem",
                 SSL_use_cert => 1,
-                SSL_verify_mode => 1,
+                SSL_verify_mode => SSL_VERIFY_PEER,
+                SSL_verifycn_scheme => "none",
                 %sslargs,
              );
   die "Connection failure: $!\n" unless ($client);
diff --git a/xCAT-server/xCAT-wsapi/restapi.pl b/xCAT-server/xCAT-wsapi/restapi.pl
index 5ba02750a..d5ddffdd3 100755
--- a/xCAT-server/xCAT-wsapi/restapi.pl
+++ b/xCAT-server/xCAT-wsapi/restapi.pl
@@ -2477,6 +2477,8 @@ sub sendRequest {
             SSL_key_file  => $keyfile,
             SSL_cert_file => $certfile,
             SSL_ca_file   => $cafile,
+            SSL_verify_mode => SSL_VERIFY_PEER,
+            SSL_verifycn_scheme => "none",
             SSL_use_cert  => 1,
             Timeout       => 15,);
     }
diff --git a/xCAT-server/xCAT-wsapi/xcatws.cgi b/xCAT-server/xCAT-wsapi/xcatws.cgi
index dee357b30..d0fa35d62 100755
--- a/xCAT-server/xCAT-wsapi/xcatws.cgi
+++ b/xCAT-server/xCAT-wsapi/xcatws.cgi
@@ -2991,6 +2991,8 @@ sub sendRequest {
             SSL_key_file  => $keyfile,
             SSL_cert_file => $certfile,
             SSL_ca_file   => $cafile,
+            SSL_verify_mode => SSL_VERIFY_PEER,
+            SSL_verifycn_scheme => "none",
             SSL_use_cert  => 1,
             Timeout       => 15,);
     }