One of my customers had a problem when using one certificate on IIS 7. This certificate had once been used on IIS 6 and it worked fine. This means there is no problem with the certificate itself.
Here are the steps:
Open the IIS MMC, open the Site Bindings, and then add a HTTPS binding. Select this certificate from the certificates drop down list, and click OK.
Then, got the following error:
A specified logon session does not exist. It may already have been terminated.
(Exception from HRESULT: 0x80070520)
There was no problem using other certificates in the drop down list. Using CertUtil command to verify the certificate, we got errors like: the Encryption test failed for the certificate imported.
The problem is because Administrators group doesn't have permission to access the private key file which is under C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys. By default, administrators group and system account have full control for this folder. This was resolved by giving administrators group full control to this folder.
278381 Default permissions for the MachineKeys folders