(I'll leave the question of why you're using Outlook with an Exchange Server and the IMAP protocol instead of just using MAPI aside and just assume you're trying to test IMAP with Outlook and that you'll be using other non-Outlook IMAP clients later.)
The certificate created during installation of Certificate Services is a certificate authority (CA) certificate. (You may want to read up a bit on how a PKI works. It's dead simple math and logic, and it's a good thing to know about in general. Have a look at http://www.tbs-sct.gc.ca/pki-icp/beginners/faq/faq-eng.asp for a nice beginner's guide.) That certificate is not suitable for use by the IMAP server.
Be aware that by installing your own CA you're going to be creating certificates that won't be trusted by clients by default (since the clients have never heard of your CA). If you intend to turn this server loose on clients on the Internet at-large you're going to need to get a certificate from a trusted public certification authority.
Instead of choosing the CA's certificate when you're configuring SSL for your IMAP Virtual Server, create a new certificate and submit the request to your certificate server service via the "Send the request immediately to an online certification authority" radio-button in the IIS Certificate Wizard. This will cause a certificate and public/private keys to be created by IIS, submitted to the CA for signing, and a certificate to be issued and installed.
After you've done all that, verify that you can TELNET to port 993 on the Exchange Server computer from a client and that you do get a successful open TCP connection (to make sure communication between the client and server on TCP port 993 isn't being firewalled anywhere). Once you've got that, connect your test IMAP client to it.
You're not really thinking of using IMAP and Outlook to talk to Exchange, are you?
Best Answer
I believe your problem lies in using a non standard port.
RFC 4409, RFC 3207, and RFC 2476 may help you.
Almost all mail routing (at least as much as I've dealt with it) is done on port 25 using TLS over standard SMTP, and the clients probably won't send on another port unless you tell it to.
There's also some info from this site:
The link in the above quote is dead, but this one seems to work.
Another informative forum link here.