Came across issue when a new client was getting ~10s delays before page loads. They were hitting an IP in their network that did not have reverse DNS name associated with it. Turned out that requests were being made by JRuby SSL to do reverse DNS lookup on the IP, and those requests were timing out before continuing with the request.
https://github.com/jruby/jruby/blob/master/src/org/jruby/ext/openssl/SSLSocket.java#L142 - this line will always force a reverse DNS lookup for an SSL connection.
http://docs.oracle.com/javase/1.5.0/docs/api/javax/net/ssl/SSLContext.html#createSSLEngine() - this documentation suggests that passing hostname and port should only be required for certain cipher suites.
Perhaps a flag to force the reverse lookup if you think it's required?
Additionally, there seems to be some potential issues in that SSLSocket is in no way associated with Ruby's Socket or BasicSocket...so, for example, a flag like BasicSocket.do_not_reverse_lookup will not be adhered to when using SSLSocket (See comment https://github.com/jruby/jruby/blob/master/src/org/jruby/ext/openssl/SSLSocket.java#L130, for example).