We already do something similar:
<SNIP>
SSLContext ctx = SSLContext.getInstance("SSL");
ctx.init(null, new TrustManager[] { new
TrustAllTrustManager() }, null);
SSLSocketFactory ssf = new SSLSocketFactory(ctx,
SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
</SNIP>
This issue does not have to do with the host name verifier or with
camel per se, but more to do with the fact that Java core
implementation will try to do a reverse dns lookup when creating a
secure connection to an ip address. There are workarounds, but those
would need to be implemented in camel.
Cheers
rouble
On Mon, Jun 3, 2013 at 10:47 PM, Willem jiang <willem.ji...@gmail.com> wrote:
> Hi,
>
> I'm not sure if setting the dummy implementation of X509HostnameVerifier can
> resolve the issue.
> Can you try it to see if it work?
>
>
> --
> Willem Jiang
>
> Red Hat, Inc.
> FuseSource is now part of Red Hat
> Web: http://www.fusesource.com | http://www.redhat.com
> Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/)
> (English)
> http://jnn.iteye.com (http://jnn.javaeye.com/) (Chinese)
> Twitter: willemjiang
> Weibo: 姜宁willem
>
>
>
>
>
> On Tuesday, June 4, 2013 at 10:23 AM, rouble wrote:
>
>> In my router configuration I am specifying "https4" - is that what you
>> wanted to know?
>>
>> cheers
>> rouble
>>
>> On Mon, Jun 3, 2013 at 9:59 PM, Willem jiang <willem.ji...@gmail.com
>> (mailto:willem.ji...@gmail.com)> wrote:
>> > Hi,
>> >
>> > There are lots of http related components can provide the https
>> > connection, it could be helpful if you can tell us which http component
>> > you are using.
>> >
>> > --
>> > Willem Jiang
>> >
>> > Red Hat, Inc.
>> > FuseSource is now part of Red Hat
>> > Web: http://www.fusesource.com | http://www.redhat.com
>> > Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/)
>> > (English)
>> > http://jnn.iteye.com (http://jnn.javaeye.com/) (Chinese)
>> > Twitter: willemjiang
>> > Weibo: 姜宁willem
>> >
>> >
>> >
>> >
>> >
>> > On Tuesday, June 4, 2013 at 5:20 AM, rouble wrote:
>> >
>> > > Camel Dudes,
>> > >
>> > > We have detected a very strange issue in that our https routes degrade
>> > > in performance when an ip address is used (as opposed to a domain
>> > > name).
>> > >
>> > > Turns out that the Java core libraries do reverse DNS lookup for ip
>> > > address when SSL connections are created. Read all about it here:
>> > >
>> > > https://forums.oracle.com/forums/thread.jspa?threadID=1532033
>> > > http://stackoverflow.com/questions/3193936/how-to-disable-javas-ssl-reverse-dns-lookup
>> > >
>> > > This becomes an issue when the IP address is not configured in the DNS
>> > > server and the reverse DNS fails. In this case each connection has to
>> > > wait for a timeout of the reverse DNS request before it can proceed.
>> > > This makes domain name connections faster than ip address connections
>> > > - which is backwards.
>> > >
>> > > Is this a known issue? There are a few workarounds/hacks recommended
>> > > on the interwebs, I was wondering if it would be possible to introduce
>> > > them into camel
>> > > (http://www.velocityreviews.com/forums/showpost.php?p=2959030&postcount=8).
>> > >
>> > > tia,
>> > > rouble
>> >
>>
>
>
>
