Configure Your Web Server to Use X.509 Digital Certificate

The following procedures are performed on the web server

If the certificate is already installed on this Web server or if you are using High Trust Certificate skip the following steps.

IIS Manager 8: Import the PFX File into IIS

In IIS Manager, select the ServerName node in the tree view on the left.
Double-click the Server Certificates icon.
Select Import in the Actions pane on the right side.
In the Import Certificate dialog, use the browse button to browse to your .pfx file, and then enter the password of the certificate.
If you are using IIS Manager 8, there is a Select Certificate Store list. Select Personal. (This refers to the "personal" certificate storage of the computer, not the user.)
Ensure that Allow this certificate to be exported is enabled, and then select OK.

On the same server, open the Microsoft Management Console as described in Open MMC 3.0.
Add the Certificates snap-in for the local computer.
Expand the Personal Store.
If the Certificate does not exist, continue.
Use the more Actions to Import the Certificate as described in Additional Info.
See: Add the Certificates Snap-in to an MMC.

Skip this procedure if you are using IIS Manager 8.

Create a folder on the server file system to be used as a temporary storage folder for the certificate.
In IIS Manager, select the ServerName node in the tree view on the left.
Double-click the Server Certificates icon.
In the Server Certificates list, right-click the certificate, and then select Export.
Export the file to the folder that you created, and enter its password.
In the Microsoft Management Console, import the certificate as described in Import a Certificate. Be sure to specify the Personal store.
Leave the console open for the next procedure.
Delete the folder that you created in the first step and the certificate file in it.
- The security advantages of keeping the certificate in the certificate store are defeated if it is also in the file system.