Evidently there is a difference in regards to certificates between IIS 6.0 and IIS 5.0. I have previously used madboa’s SSL HOWTO to generate, sign and export PEM certificates to the PFX format that IIS expects. However, today, I tried using the same procedure with an older Windows 2000/ IIS 5.0 server and repeatedly got the same “import password is incorrect or the certificate has expired” message.
After some searching and learning that few people have had success with IIS 5.0, I came across a post from dejavu.mu.nu detailing exactly how to create a certificate that would work with IIS 5.0.
Loving the fact that I can push something Open Source onto a Windows platform!