Hi
I logged a ticket to not forget about this
https://issues.apache.org/jira/browse/CAMEL-6898
On Tue, Jun 25, 2013 at 11:19 AM, Claus Ibsen <claus.ib...@gmail.com> wrote:
> On Tue, Jun 18, 2013 at 3:39 PM, rouble <r.ou...@gmail.com> wrote:
>> We already do something similar:
>> <SNIP>
>> SSLContext ctx = SSLContext.getInstance("SSL");
>> ctx.init(null, new TrustManager[] { new
>> TrustAllTrustManager() }, null);
>> SSLSocketFactory ssf = new SSLSocketFactory(ctx,
>> SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
>> </SNIP>
>>
>> This issue does not have to do with the host name verifier or with
>> camel per se, but more to do with the fact that Java core
>> implementation will try to do a reverse dns lookup when creating a
>> secure connection to an ip address. There are workarounds, but those
>> would need to be implemented in camel.
>>
>> Cheers
>> rouble
>>
>
> Yeah would be nice if we have a simple way of turning this on. Fell
> free to log a JIRA ticket.
>
>
>>
>>
>> On Mon, Jun 3, 2013 at 10:47 PM, Willem jiang <willem.ji...@gmail.com> wrote:
>>> Hi,
>>>
>>> I'm not sure if setting the dummy implementation of X509HostnameVerifier
>>> can resolve the issue.
>>> Can you try it to see if it work?
>>>
>>>
>>> --
>>> Willem Jiang
>>>
>>> Red Hat, Inc.
>>> FuseSource is now part of Red Hat
>>> Web: http://www.fusesource.com | http://www.redhat.com
>>> Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/)
>>> (English)
>>> http://jnn.iteye.com (http://jnn.javaeye.com/) (Chinese)
>>> Twitter: willemjiang
>>> Weibo: 姜宁willem
>>>
>>>
>>>
>>>
>>>
>>> On Tuesday, June 4, 2013 at 10:23 AM, rouble wrote:
>>>
>>>> In my router configuration I am specifying "https4" - is that what you
>>>> wanted to know?
>>>>
>>>> cheers
>>>> rouble
>>>>
>>>> On Mon, Jun 3, 2013 at 9:59 PM, Willem jiang <willem.ji...@gmail.com
>>>> (mailto:willem.ji...@gmail.com)> wrote:
>>>> > Hi,
>>>> >
>>>> > There are lots of http related components can provide the https
>>>> > connection, it could be helpful if you can tell us which http component
>>>> > you are using.
>>>> >
>>>> > --
>>>> > Willem Jiang
>>>> >
>>>> > Red Hat, Inc.
>>>> > FuseSource is now part of Red Hat
>>>> > Web: http://www.fusesource.com | http://www.redhat.com
>>>> > Blog: http://willemjiang.blogspot.com (http://willemjiang.blogspot.com/)
>>>> > (English)
>>>> > http://jnn.iteye.com (http://jnn.javaeye.com/) (Chinese)
>>>> > Twitter: willemjiang
>>>> > Weibo: 姜宁willem
>>>> >
>>>> >
>>>> >
>>>> >
>>>> >
>>>> > On Tuesday, June 4, 2013 at 5:20 AM, rouble wrote:
>>>> >
>>>> > > Camel Dudes,
>>>> > >
>>>> > > We have detected a very strange issue in that our https routes degrade
>>>> > > in performance when an ip address is used (as opposed to a domain
>>>> > > name).
>>>> > >
>>>> > > Turns out that the Java core libraries do reverse DNS lookup for ip
>>>> > > address when SSL connections are created. Read all about it here:
>>>> > >
>>>> > > https://forums.oracle.com/forums/thread.jspa?threadID=1532033
>>>> > > http://stackoverflow.com/questions/3193936/how-to-disable-javas-ssl-reverse-dns-lookup
>>>> > >
>>>> > > This becomes an issue when the IP address is not configured in the DNS
>>>> > > server and the reverse DNS fails. In this case each connection has to
>>>> > > wait for a timeout of the reverse DNS request before it can proceed.
>>>> > > This makes domain name connections faster than ip address connections
>>>> > > - which is backwards.
>>>> > >
>>>> > > Is this a known issue? There are a few workarounds/hacks recommended
>>>> > > on the interwebs, I was wondering if it would be possible to introduce
>>>> > > them into camel
>>>> > > (http://www.velocityreviews.com/forums/showpost.php?p=2959030&postcount=8).
>>>> > >
>>>> > > tia,
>>>> > > rouble
>>>> >
>>>>
>>>
>>>
>>>
>
>
>
> --
> Claus Ibsen
> -----------------
> www.camelone.org: The open source integration conference.
>
> Red Hat, Inc.
> FuseSource is now part of Red Hat
> Email: cib...@redhat.com
> Web: http://fusesource.com
> Twitter: davsclaus
> Blog: http://davsclaus.com
> Author of Camel in Action: http://www.manning.com/ibsen
--
Claus Ibsen
-----------------
Red Hat, Inc.
Email: cib...@redhat.com
Twitter: davsclaus
Blog: http://davsclaus.com
Author of Camel in Action: http://www.manning.com/ibsen
