I had a discussion with one of the developers about using SSL on web sites that use host headers. My practical experience with using SSL on such web sites had been successful in the past and my understanding is that it is possible to use SSL for such web sites but that developer thought otherwise.
I had used the following resources in the past for achieving that. I hope that clarifies the confusion about using SSL for the web sites that use host headers.
Configuring SSL Host Headers
Creating Multiple Sites Using Host Header Names (IIS 6.0)