The recently released security update for WordPress introduced some changes that broke my HTTPS patch for it. I have updated the patch for WordPress 2.0.6 and 2.0.7-RC1 now: wp2-ssl.patch.

Read the complete SSL setup guide here: Securing WordPress 2 Admin Access With SSL

Regarding WordPress security, please note that there still is a possible exploit for 2.0.6: New WordPress exploit also affects version 2.0.6
Make sure you use safe a PHP version and set register_globals = off.