One problem I ran into is support for the CNG provider certificates in older software. Skype for Business 2015 for example does not work with the certificates from Certify without conversion to the older CSP (CryptoAPI) provider. Certificates exported by Certify are using CNG by default.
Is it possible to add an option in export certificate to select the cryptography provider when exporting as pfx? As this problem is mostly with older software, I guess it will have only limited use (but will help me ).
A workaround is exporting as PEM and then using openssl to convert to pfx, or using the following lines:
openssl.exe pkcs12 -in sip.pfx -out sip2020.pem -passin pass: -passout pass:Secret123
openssl.exe pkcs12 -export -in sip2020.pem -out sip2020.pfx -passin pass:Secret123 -passout pass: -CSP "Microsoft RSA SChannel Cryptographic Provider"