I think the hostname validation is on client side, it's the default behavior for many browsers, if the hostname doesn't match the cert CN, many browsers will give you a warning, and you have to manually trust the cert.
If you're talking about the outbound connection of gateway, I remember the gateway by default should raise an error if the hostname and cert CN are not matched.