The connection.configureTLS method only sets hostname if tls.Config.InsecureSkipVerify is false (i.e. tlsInsecure=false). The hostname should always be set because it can be used server-side for SNI. In the case that InsecureSkipVerify=true, Go's TLS library will skip hostname verification anyway (https://github.com/golang/go/blob/master/src/crypto/tls/handshake_client.go#L830), so setting it makes no difference for client-side checks.