This article can also be used as a reference for how to install SSL cert in IIS7 from the heading of "How to create pfx file to import the SSL cert to IIS 7".

I have got an issue once I have imported SSL certificates into IIS exactly and everything worked great except for the fact that when I navigated away from the Server Certificates window, the certificate would disappear. I could see the certificate in the server's Personal Certificate Store using MMC (Microsoft Management Console) but it wouldn't show up in IIS.

Issue:

The issue is that the certificate that I was trying to import only contained the public key and not the private. For decryption to work correctly, the server obviously needs to have both the public and the private key.

Solution:

To resolve the problem we need to create the needed PKCS #12 Certificate File and then clicked on the Import link (not the Complete Certificate Request... link) in the Server Certificates window in IIS and select the pfx file and click OK. Now you would be able to see the certificate in MMC.

How to create pfx file to import the SSL cert to IIS 7

Prerequisite:

1. Open SSL binaries
2. Save the three portions of the certificate into three separate files (Note: The Intermediate Certificate is optional, if you were not supplied with one, just skip the steps involving it):
   • privatekey.txt – Copy and paste the contents of the private key including the begin and end lines.
   • certificate.txt – Copy and paste the contents of the Regular Certificate including the begin and end lines.
   • intermediate.txt – Copy and paste the contents of the Intermediate Certificate including the begin and end lines.
3. Move the three files into the bin folder where you installed OpenSSL (default folder is C:\OpenSSL-Win32\bin).
4. Open the command prompt and navigate to the bin folder where you installed OpenSSL.
5. Enter the following line and press enter (Omit '-certfile intermediate.txt' if you do not have an Intermediate Certificate):

   openssl pkcs12 -export -out certificate.pfx -inkey privatekey.txt -in certificate.txt -certfile intermediate.txt

   After the process completes, there will be a certificate.pfx file in the bin directory that can be used to import the certificate into the servers personal certificate store