Buy a certificate from your preferred vendor. Follow their instructions for IIS for the certificate request and installation. Key point is the common name, which will be in the format of host.example.com - no https or / anything.
Once the certificate is installed, test again. The certificate will protect everything in IIS, so OWA, RPC over HTTPS, Exchange ActiveSync and OMA.
Simon.