@Steve
There are a number of things that you can do to get this working. Some of them depend on your version of EV, and some depend on your version of Exchange. You are also interlinking two related usage scenarios, OWA and RPC/HTTP.
For the OWA SSL issue.
When you put the SSL certificate on the EV IIS site, did you change the site settings to HTTPS ?
For the RPC / HTTP issue
I assume from what you've written that you are using Exchange 2007? If that is correct, the logic in the client is that it will try your default web app URL first of all, if that fails (which it most likely will in the outside world, because the DNS namespaces are going to be different) then it will try the proxy URL only if you have configured the policy to "Use proxy" (rather than direct). Unfortunately though Vault Cache doesn't share the same logic as the majority of the rest of the client, and only "goes direct".
Until the issue is properly addressed in a future release the current workaround is to use a hosts file, which can work. You say it won't work from inside the network, why is that? Do you not allow client machines to connect to internal servers using an external address?
The best thing to do is to raise a support case, for this very issue (RPC / HTTP), and ensure it is a high severity and priority, this will help drive the future-fix to be released sooner, rather than later. I've already walked through the solution which our development team have proposed, and it will work, but unfortunately at the moment there is no timescales on when the solution will be delivered (but the more customers that "demand" this, the sooner it will be - if that makes sense).
For the OWA issue, if you can answer the above we might be address that here.
Hope that helps,
Working for cloudficient.com