> Let tomcat handle the ssl for you (I haven't got round to that bit yet, > but I would hope that its fairly simple, robust, and well-documented in > tomcat) ...
Ah... I didn't realize Tomcat could do that. It not only looks well- documented but also easy. That's the clear solution in my case, then. I should mention that my main concern here is security. I want a machine that's as unbreakable as possible. So I want a firewall that only opens up port 443 and only accepts XML-RPC for my two services on that port. The less software I have to depend on that could be configured incorrectly (Apache) the better. Thanks for the offer of the handler servlet. I may get back to you. Devon
