Knowledgebase

This error refers to IIS 7 server and usually it can be a result of placing the certificate in the wrong certificate store or forgetting where it places the private key. Remember that only certificates that are stored in the Personal Section of the Local Computer can be used in IIS.

I. Repair a damaged certificate

1. Open up cmd.exe
2. Type: certutil -repairstore my "THUMBPRINT/SERIALNUMBER"
3. Go back into the IIS Manager and re-edit the bindings for this site.

II. Restore Certificate to the Local Computer Store

1. Open the Certificate Snap-In from within the MMC (Microsoft Management Console); Start -> Run -> Type "mmc" -> File -> Add/Remove Snap-in -> Add -> Certificates
2. Add Current User account: My User Account -> Finish.
3. Add Local Computer account: Computer account -> Local Computer -> Finish.
4. Close Add Standalone Snap-in.
5. Click Ok.
6. In a new window drag the certificate that will not install, out of the Other People store and drop it under the Local Computer -> Personal -> Certificates.
7. Open up a command prompt: Start -> Run -> Type cmd.
8. Type: certutil -repairstore my "THUMBPRINT_OF_CERTIFICATE" (with quotes)
9. You should now have the private key back on the certificate so now open up IIS and assign it to your website.