Hi Kyle
That was not the case here at all. It was a brand new server and there was only 1 certificate present. AFAIS it has no impact in which store the certificate is located. I tried it from "Personal" with a new certificate as well to no avail. Changing to PFX resolves everthing.
I use LE certs and their certificates went into the "Web Hosting" store here, which is "WebHosting" (without the space) when referenced from within a powershell script, btw.
Here is a powershell script that we use for automation and that works like a charm, although the certificate is not located in "My" ("Personal"):
$mypwd = ConvertTo-SecureString -String "mysecretpassword" -Force -AsPlainText
$thumprint = (Get-ChildItem -Path Cert:\LocalMachine\WebHosting | Where-Object {$_.Subject -match "CN=mail.example.com"}).Thumbprint
Get-ChildItem -Path cert:\localMachine\WebHosting\$thumprint | Export-PfxCertificate -FilePath "C:\SmarterMail\Certificates\mail.example.com.pfx" -Password $mypwd
This will export the certificate along with all extentions, the complete chain and the private key (secured by a password) to the location where SM picks it up (port bindung -> certificate location). No problems so far.
Franz