Considering I was the one who said it, I'm quite pleased to see you following up.
You will first want to look into generating ssl certificates with OpenSSL (specifically, generating root certificates), and then how to install them in a domain or directly into a windows XP box (I've yet to do it to my girlfriends vista box so I can't comment on that)
If you follow the steps you find (and I'm not providing that much information) you can run up a test with a simple apache server - giving it an SSL certificate (most of them show you how to generate your own webserver certificates from a root certificate - stay away from self signed web certificates). If you can get your browser to connect to the apache server with no SSL errors (that relate to the root certificate in the chain), then you are on the right track.
From there it is a relativly simple task of figuring out what files ettercap reads from and making sure you have your root certificate (or an intermediate signing authority) in the same format, then place it there. Ettercap will generate the rest for you (especially if you run it off BT).
It would be worth your time to hit up (at least) wikipedia to figure out how SSL security chains work and why what we are doing is working.
In terms of metasploiting the certificate on, I've only ever done it once and it was an absolute bitch to do - though recently I uncovered the command line kung fu courses for windows (wmic.exe is now my new favourite tool) so I guess it will become a lot easier.