Is it not possible to get the client to use SSL only for authentication on its own, without a VPN?

I found this in the docs but this sounds like it is not enough, and even if this is set we still sniff clear text passwords

To modify the setting, edit the SSL parameters in the appSettings section of the /opt/novell/ifolder3/web/web.config file on the enterprise server.
To configure secure Web traffic with SSL, modify the value of SimiasRequireSSL to Yes and the SimiasSSLPort to 443. For example:

<add key="SimiasRequireSSL" value="yes" />

<add key="SimiasSSLPort" value="443" />


Is there a way to get the client to work over SSL or is a VPN the only solution?