Answering this in case anyone finds this helpful. So as of now you have a .crt file and .p7b file. Either of these files do not contain private keys. IIS or any web server for that matter needs .pfx (or .p12) which is the only file extension which supports storage of private keys. See this post for more info: https://blogs.msdn.microsoft.com/kaushal/2010/11/04/various-ssltls-certificate-file-typesextensions/
The private key gets created when you had created the certificate request. It is present on the machine where the certificate request was created. In order to get a .pfx file, do this on the machine where the certificate request was created:
- Launch MMC
- On the File menu, click Add/Remove Snap-in.
- Under Available snap-ins, double-click Certificates, and then select Computer account
- Expand the tree and right click and browse to Personal->All Tasks->Import.
- Follow the steps and select the .crt file that you want to import.
Once the file has been imported. Double click the certificate and check whether you see "You have a private key that corresponds to this certificate"
If you dont see this, then try to run this command:
Certutil -repairstore my <Certificate thumbprint>
If the command fails, then it means that the privatekey is either not present or corrupted. In such case, simply restart the entire process.
If you see the private key associated with the certificate, then you can export the certificate along with the private key. The instructions are as same as above.
I found instructions including screenshots here: https://www.sslsupportdesk.com/export-ssl-certificate-private-key-pfx-using-mmc-windows/
HTH :)