Check out this recent document and graph posted at Netcraft.
Here's an excerpt:
As the original developers of the SSL protocol, Netscape started out with a lead in the SSL server market. But they were soon overtaken by Microsoft's Internet Information Server, which within a few years held a steady 40-50% of the SSL server market.Overall, according to Netcraft, Apache accounts for 44% of all SSL-enabled sites where IIS accounts for 43.8%. The use of IIS leveled off in 2001 and declined until 2002, then climbed a little bit between 2002 and 2003, and has been experiencing a steady decline since that time.
Apache has taken much longer to reach the top. Version 1 of Apache did not include SSL support : in the 1990s, US export controls, and the patent on the RSA algorithm in the US, meant that cryptographic support for open source projects had to be developed outside of the US, and were distributed separately. Several independent projects provided SSL support for Apache, including Apache-SSL and mod_ssl; but commercial spin-offs, like Stronghold by c2net (later bought by Red Hat), were more popular at that time.
Now that mod_ssl is included as standard in version 2, Apache has become more popular for hosting secure websites.