Setting Syslog.global.certificate.strictX509Compliance to true can cause communication issues with syslog endpoints

Article ID: 413556

Products

VMware vSphere ESXi

Issue/Introduction

Some security hardening guides mention setting the advanced option Syslog.global.certificate.strictX509Compliance to true. This KB documents some of the common concerns that may come up when considering this advanced setting.

Environment

ESXi 7.x
ESXi 8.x

Resolution

  1. Can enabling strict X.509 verification affect connectivity to our current remote syslog servers?
    Yes.
  2. How can I know if my environment will have issues if this setting is set to true?
    Please use a test or dev environment, or a test system, to try the setting before making a sweeping change in production.
    This gives you the opportunity to research and address any issues in the environment before implementing the advanced configuration option.
  3. I have further questions regarding implementing this in my environment.
    Broadcom support has no further information or implementation instructions about the Syslog.global.certificate.strictX509Compliance advanced option beyond what is in the official documentation at ESXi Syslog Options.
    Please engage the author of the security hardening guide with questions about their recommendation, or professional services for assistance with implementing this advanced option in your environment.