I create a *.pfx file from .key and .crt files by openssl. The creation works, but as I copy the .pfx file to the centralized certificates store of IIS it cannot be read.
openssl pkcs12 -export -out _.mydomain.tld.pfx -in test.crt -inkey test.key -password pass:THE_MIGHTY_PASSWORD
The "Centralized Certificates" console in IIS shows the certificate with an red/white X and shows "The system cannot find the file specified".
But if I call the page the certificate is used.
By importing the openssl created .pfx file to my local computer and exporting it again with the same name and password it works in the IIS centralized certificates store.
So why can the openssl created .pfx file can be imported but does not work in the IIS centralized store as it is? What is added during the local export to make it work in IIS?