Pre-shared keys are only good for bootstrapping a stronger trust relationship. You could use TLS-SRP to exchange identities and then mutually authenticate each other for the general case. X509 is not the problem. Centrally manager trust hierarchies are.