I've just done something similar to this. I opted for the https://secure.mydomain.com as I feel seeing the word secure may instill a little more confidence from some people. To get this method to work I had to add a cname record for secure.mydomain.com to my DNS entry. This then redirected all traffic as if it was going to www.mydomain.com. This means my clients will be able to use https://secure.mydomain.com/~username This was done on linux/apache but I presume would be similar on IIS.
You would have to reference it as https://secure.mydomain.com otherwise you would get a notice about the domain name not matching the certificate.
Actually reading back through your post it sounds as if you have already got a certificate for www.mydomain.com is this correct? If so then you will have to use all your secure transcations through www.mydomain.com or you will get the notice about the domain not matching the certificate.