Setting up SSL on IIS6.0

While we're on the topic of SSL
1. In IIS Create Server Certificate Request
a. IIS -> Default Website -> Properties -> Directory Security -> Server Certificate -> Follow wizard to create request
2. Using a certificate authority, either your own or someone elses, submit the request, and approve it.
a. Make sure Certificate Authority service is installed
b. Admin Tools -> Certificate Authority -> Right Click -> All Tasks -> Submit New Request
c. Use request created in 1.
d. Goto Pending Requst folder and approve
3. Download the certificate
a. In Issued Certificate, Right Click on Cert -> All Task -> Export
b. Be sure to rename in .cer extension
4. In IIS again, assign the certificate.
a. Same steps as in 1. but assign instead of create when following wizard

If it's not from Verisign or some other "trusted" authority you'll get the "not trusted authority" pop-up error, etc, but at least the connection is still https. Decent for development purposes.

.NET has makecert.exe which allows you to make a cert for development, I haven't tried that yet. Same with the latest version of IIS 7.1 or so, has a make cert function.

Redirect to HTTPS from HTTP in IIS

This is a common problem, I've seen many solutions but I like this one the best.
http://kojiroh.wordpress.com/2006/09/06/hello-world/

The basic gist is to create a simple asp page whose sole role is redirecting to asp. Then the trick is to use IIS custom errors and assign 403;4 SSL Required to this page. Make the rest of your site except this page/file SSL required. So whenever someone hits your website without ssl, custom error routes them to that asp, which then redirects them to https.