The My TechNet Security tour is officially underway with the first stop in Winnipeg complete. As you are aware if you've ever attended an event we always have time for Q&A at the end of the day and there were a lot of good questions. All were answered but I did promise some resources with the how-to information. There are demos on implementing SSL, Forms Based Authentication on Exchange and on ISA and one of the questions was what customizations were possible. The good news was a lot and how?
I also mentioned a tool you can use for testing SSL which allows you to create self signed certificates. This tool will create and install the certificate and can be used to encrypt the traffic. It is part of the IIS 6.0 Resource Kit.
There are some other connections that can be secured with SSL including RDP and Virtual Server 2005 R2 with certificates from trusted roots (i.e. Go Daddy, VeriSign, Thawte) or with self signed certs. I wrote a few articles at www.thelazyadmin.com a few years ago which outline how to do this.
Just remember that using a self signed certificate will work as far as encrypting the traffic but is not an effective method of validating the server you are connecting too!