When installing a certificate using Microsoft IIS 7.0 Manager, you may receive the following error message even though the certificate is installed:
Note: The certificate may still install successfully, in spite of the error message.
This issue occurs because IIS Manager performs a lookup operation to look for a friendly name of the certificate during the installation. However, the code that performs this lookup operation misses this specific case, and it does not know how to retrieve the friendly name of a certificate in a PKCS#7 file. Therefore, the lookup operation fails, and the error message is displayed.
This is a known issue with IIS 7.0. Please see the following Microsoft Knowledge Base Article regarding this issue: http://support.microsoft.com/kb/959216
To resolve this problem, check if the certificate is installed by performing the following steps:
Step 1: Create a 'Certificates' snap-in within the MMC
From IIS Web Server:
Step 2: Locate the SSL certificate
On the General tab, under the validity dates, there should be a key with the following message:
"You have a private key that corresponds to this certificate"
NOTE: If this is present, close the certificate and the MMC and proceed to Step 3. If there is no reference to the private key, please follow these instructions to restore the private key.
If unable to restore the private key, the certificate will need to be replaced.
If the certificate needs to be replaced, please create a new CSR on the server. Once the new CSR has been created, please submit the new CSR with a Replace request.
Step 3: Bind the SSL certificate to the web site in IIS