This applies to IIS 6.0 and not 7.0 that I am aware of.  I will see if this has been handled differently in

IIS 7.0 later.

I found a few good resources while doing this research today.  This is a long standing problem.  This post provides resources and links to help solve the problem.

A typical scenario looks like this:

You have a single server with many websites and you need to use a certificate for SSL traffic on two of the five websites.  You do not need to use SSL at all on the remaining sites.

Solution:

You need to use a wild card certificate, assuming that all of the sites reside in the same domain space.  Just for clarification a wildcard certificate certifies a domain namespace, like www.brentpabst.com or www.microsoft.com.  Anything that exists as a domain.  What this does in essence is certify that *.brentpabst.com is OK.  So if you have any number of levels of sub-domains you could, in theory, install this certificate and it would be valid.  I found both a MSDN and a link to the Singapore .NET User's Group on the subject.

Microsoft TechNet: http://www.microsoft.com/technet/prodtechnol/WindowsServer2003/Library/IIS/596b9108-b1a7-494d-885d-f8941b07554c.mspx?mfr=true

Muang's Blog: http://sgdotnet.org/blogs/maungmaung/archive/2007/01/22/Multiple-_2800_SSL_2900_-Web-Sites-in-IIS-_2800_Part-2_2900_.aspx

If you have not done so already and work with IIS 6.0 in most of your day to day work you would do well to have the IIS 6.0 Resource Kit.  You can download it here.  In general as a SysAdmin or Engineer I also recommend having the Windows Server 2003 Administration Tool Pack.  These are all invaluable tools!

Hope it helps!