According to the MSDN (http://msdn.microsoft.com/en-us/library/aa387314%28v=VS.85%29.aspx) the PFXImportCertStore function imports the cert/key into Base CSP (MS_STRONG_PROV) or Enhanced CSP (MS_ENHANCED_PROV). However, to use RSA/SHA2 signatures, I need to import the key into the Enhanced RSA and AES CSP (MS_ENH_RSA_AES_PROV) and I can't find a way to do it. The documentation mentions "provider name" from the PFX packet, but I can't find any way to set it for a pkcs12 file generated by a 3rd party (e.g. OpenSSL). Thank you in advance.