Yesterday I was working on a new Sharepoint setup for a customer, and this website needed to be SSL only. So only on HTTPS instead of both HTTP and HTTPS. The customer did help us by already buying the Certificate.
When I got at the point I wanted to install, I did just finish the wizard in IIS, and installed the p7b certificates. So all the certificates were installed in the proper location and in the Computer MMC and not the USER mmc (when starting MMC open the Certification Snap in as Computer and not User!).
I noticed i was missing the private key, while the certificate was installed properly. This way i was not able to select the SSL certificate for the Website in IIS. Asking the customer they told me they generated the CSR on a different machine.
WIth the DIGICERT TOOL we could export the whole pfx and then we did an import on the IIS machine using the same tool again. We could then repair the SSL Certificate.
So To move an SSL certificate without the PrivateKey you can use the DIGICERT Tool to Export the current certificate and key and then import it. Keep in mind you MUST have access to the machine where the CSR was generated.