repair / restore private key on a microsoft server with certutil

Instructions

1. Log into the server with an administrative account. Choose Start and choose Run…
2. In the box type in mmc and click ok.
3. In the MMC go to File –> Add / Remove Snap-in…
4. Click the Add button and choose certificates and click Add.
5. Select Computer Account then Local Computer and Finish.
6. Close the snap in Window and click OK.
7. Navigate to the location of the certificate you need to repair.
8. For a certificate you installed the default location will be Personal –> Certificates.
9. Double click on the certificate in the right hand pane.
10. In the general information: note that if you have a private key already associated you will see a private key information bit at the bottom of the details (just above the issuer statement).
11. Click on the Details tab.

In the Details window, select Serial Number. Write down the serial number for the certificate that you wish to repair.

Open a command prompt (start –> Run –> CMD –>OK).From the command prompt run:

certutil -repairstore my “SerialNumber”

Where SerialNumber is the serial number for the certificate that you just wrote down.
Hit enter and you should receive a message stating the repair was successful.

Thank you.

Source: http://www.schalley.eu/2012/11/08/repair-restore-private-key-on-a-microsoft-server-with-certutil/