Limiting access to the ES tools and EI

Has anyone successfully done this using SSL and ACL groups? I have been empowered to investigate this any any help would be greatly appreciated.
From what I gather, you need to configure the ES for SSL. But in order to do that you need certificates, etc. I tried following the ES SSL config guide I found on the bookshelf but I hit a roadblock at step 3. All I want to do is prevent internal un-authorized developers from accessing the production broker with any of the tools.

We are running ES 5.01 with all of the SP’s and EI 4.6 with the latest SP’s.

We can take this off-line if it gets too lengthy here. My work email address is

Thanks, Tom