Password-based authentication (as you describe in the last paragraph of your question) is perhaps the most common way for a client to authenticate with a server in https. Another method is to use client certificates.
With regard to the client authenticating the server, you write:
The TCP client connects to the server and DOES NOT try to authenticate the server's identity (just returns true when validating the server certificate).
Without the client authenticating the server's identity, this opens the door to a Man-In-The-Middle (MITM) attack. An attacker that is able to position himself between the client and the server can present his own certificate to the client. If the client does not authenticate that the certificate is the true and correct certificate for the server, and the client trusts the certificate of the MITM, then the MITM can intercept and/or alter all communication between the client and the server. This is why it is essential that the client authenticates the server's certificate. Normally on the web, this is done through PKI, where trusted CAs authenticate servers' certificates, then sign the certificates to indicate their 'stamp of approval'. Another way of authenticating a server certificate is to use 'certificate pinning', where the server's certificate is stored by the client, and the client checks that the certificate presented by the server matches the one that the client has stored. Certificate pinning is common with IoT clients.