Came across this error today when updating a new certificate used in a WCF service for digital signatures.
Turns out the solution, as always, was pretty simple: give correct permissions to the private key file.
Open the certificate manager and locate the correct certificate.
Right click and navigate to: All Tasks -> Manage Private Keys.
Change the file permissions so the IIS user can read.
Read more on stackoverflow.com.