I dont think PIX or any FW will check the SSL payload
SSL is encrypted traffic
If the SSL session terminates on a host other than the PIX -- such
as on the FTP server itself -- it's absolutely impossible for the
PIX to examine the payload and open/close pinholes for the FTP data
connection.
If it were possible for PIX to look into the payload, the security offered by SSL would itself be ineffective.
Just a thought, that it wont work out for you.
Thanks
Nadeem