Greetings,

I does not seem like my first mail went through so I am gonna try again. In short I have a performance problem with the HttpClient when using https agains private networks over dialup/PPP connections. DNS records are not available for the webservers I am connecting to. When I go connect through my application (which is a sort of a httpsproxy), performance is significally slower then when i connect directly to the webserver. Allthough when I add correct DNS records (both forward and reverse) to my DNS-server, I get a good performance gain. So, I am asuming it is the reverse lookup of the DNS that is consuming time. Actually I can se from debugging that it is the part where a new socket/connection is beeing created that is timeconsuming. So I am wondering if there is a way to turn off the reverse lookup in the HttpClient or SSL library? I am using the SSLSocketFactory I found on these mailinglist. Please see below.

As additional information I can add that I use the whole URL to connect. When I create a method i use for an example an URL like this in the constructor: https://192.168.20.3. Is this ok? Or should I use another way to add the IP-address to avoid reverse lookup?

Also I would like to know if there is any good tips or hints for performance in general for the HttpClient?

Help is greatly appreciated!

Best Regards,
Christian Myrvold

************
/*
* ProxySSLSocketFactory.java
*
* Created on 3. mars 2004, 14:36
*/

package no.mitec.sacs.application.proxy;

/**
*
* @author  cm
*/
import java.io.IOException;
import java.net.InetAddress;
import java.net.Socket;
import java.net.UnknownHostException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

import org.apache.commons.httpclient.protocol.SecureProtocolSocketFactory;

public class ProxySSLSocketFactory implements SecureProtocolSocketFactory
{
    private static class TM implements X509TrustManager
    {
        public X509Certificate[] getAcceptedIssuers()
        {
            return new X509Certificate[0];
        }

public void checkClientTrusted(X509Certificate[] arg0, String arg1) throws CertificateException
{
}


public void checkServerTrusted(X509Certificate[] arg0, String arg1) throws CertificateException
{
}
}


    private static SSLSocketFactory getSocketFactory()
    {
        try
        {
            SSLContext context = SSLContext.getInstance("SSL");
            context.init(null, new TrustManager[] {new TM()}, null);
            return context.getSocketFactory();
        }
        catch (Exception e)
        {
            throw new RuntimeException(e);
        }
    }

public Socket createSocket(String host, int port, InetAddress clientHost,
int clientPort) throws IOException, UnknownHostException
{
return getSocketFactory().createSocket(host, port, clientHost, clientPort);
}


    public Socket createSocket(String host, int port)
        throws IOException, UnknownHostException
    {
        return getSocketFactory().createSocket(host, port);
    }

public Socket createSocket(Socket socket, String host, int port,
boolean autoClose) throws IOException, UnknownHostException
{
return getSocketFactory().createSocket(socket, host, port, autoClose);
}
}
************



--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]



Reply via email to