Adding private key to certificate with only public key on Windows Server in .NET

2

The following lines of code, which are part of a .NET FW 4.6.2 Console Application, execute without exceptions when run on Windows 10. But when run on Windows Server 2016, a CryptographicException is thrown when the Export method is called, saying "Keyset does not exist" (even when running as Administrator). (If the code is compiled for .NET Core 2, it compiles, but the executable throws a PlatformNotSupportedException on the first line.)

Certificate.PrivateKey = RSA;   // Certificate: X509Certificate2 (public key only); RSA: RSACryptoServiceProvider with the matching private key
byte[] Bin = Certificate.Export(X509ContentType.Pfx, password);   // throws "Keyset does not exist" on Windows Server 2016

Background: Certificate is an X509Certificate2 with only a public key. RSA is an RSACryptoServiceProvider containing the private key corresponding to the same public key. The certificate is created by a remote ACME-compliant CA (Let's Encrypt), which is why only the public key is available, and why the private key is kept separate by the client.

The code runs without exception on Windows 10, and the generated PFX file contains the private key as it should.

The question is: Why does it throw an exception in one case, but not the other? And what would the suggested work-around be?

Source of console application: https://github.com/PeterWaher/IoTGateway/tree/master/Utilities/Waher.Utility.Acme

Compiled version: https://waher.se/Downloads/Waher.Utility.Acme.zip

Command-line parameters, to repeat the situation: (replace EMAIL, DOMAIN and WEBFOLDER with corresponding values)

Waher.Utility.Acme.exe -let -ce EMAIL -a -nk -dns DOMAIN -dns www.DOMAIN -http WEBFOLDER -f Certificate -pwd Test -v

The following event was logged in the security log of the Windows Server machine (while it worked fine for the Windows 10 machine):

Log Name:      Security
Source:        Microsoft-Windows-Security-Auditing
Date:          5/28/2018 6:56:27 PM
Event ID:      5061
Task Category: System Integrity
Level:         Information
Keywords:      Audit Failure
User:          N/A
Computer:      Domain
Description:
Cryptographic operation.

Subject:
    Security ID:        Domain\PeterWaher
    Account Name:       PeterWaher
    Account Domain:     Domain
    Logon ID:       0xBFDEC 

Cryptographic Parameters:
    Provider Name:  Microsoft Software Key Storage Provider
    Algorithm Name: UNKNOWN
    Key Name:   Domain\PeterWaher
    Key Type:   User key.

Cryptographic Operation:
    Operation:  Open Key.
    Return Code:    0x80090016

Tags: c#, .net, certificate, x509, private-key
asked on Stack Overflow May 28, 2018 by Peter Waher • edited May 28, 2018 by Peter Waher
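The return code in the audit event, 0x80090016, is NTE_BAD_KEYSET ("Keyset does not exist"), the same error the question reports from Export. The question has no accepted answer, so the following is an added example rather than a fix the page confirms: it attaches a separately held private key to a public-only certificate with RSACertificateExtensions.CopyWithPrivateKey, which is the documented replacement for the X509Certificate2.PrivateKey setter (the setter is what throws PlatformNotSupportedException on .NET Core, as noted above). It needs .NET Framework 4.7.2 or .NET Core 2.0 or later, not 4.6.2. The self-signed certificate, the subject name "CN=demo.example" and the password "Test" are constructed here purely so the example runs offline; a real ACME-issued certificate would take the place of MakePublicOnlyCert. Whether this path also avoids the Windows Server 2016 failure is not established by the page.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

// Added example, not code from the question or from the Waher.Utility.Acme project.
// Requires .NET Framework 4.7.2+ or .NET Core 2.0+ (CertificateRequest and
// CopyWithPrivateKey do not exist on 4.6.2).
public static class AttachPrivateKeyDemo
{
    // Stand-in for the CA-issued certificate (constructed input): a self-signed
    // certificate is generated and then stripped to its public part, which is
    // what an ACME CA hands back.
    public static X509Certificate2 MakePublicOnlyCert(RSA key)
    {
        var req = new CertificateRequest("CN=demo.example", key,
            HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
        using (X509Certificate2 withKey = req.CreateSelfSigned(
            DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(1)))
        {
            // X509ContentType.Cert is DER of the certificate alone, no private key.
            return new X509Certificate2(withKey.Export(X509ContentType.Cert));
        }
    }

    // Attach the client-held private key and build a password-protected PFX.
    // Unlike the PrivateKey setter, CopyWithPrivateKey leaves the input untouched
    // and returns a new certificate object; it also rejects a key whose public
    // half does not match the certificate.
    public static byte[] BuildPfx(X509Certificate2 publicOnly, RSA privateKey, string password)
    {
        if (publicOnly.HasPrivateKey)
            throw new ArgumentException("certificate already carries a private key", nameof(publicOnly));

        using (X509Certificate2 withKey = publicOnly.CopyWithPrivateKey(privateKey))
        {
            return withKey.Export(X509ContentType.Pfx, password);
        }
    }

    // Verify the PFX the way an importer would: reload it and make sure the key
    // inside really signs for the certificate's public key.
    public static bool PfxContainsMatchingKey(byte[] pfx, string password, RSA expectedKey)
    {
        // EphemeralKeySet keeps the reloaded key out of the Windows user key store.
        using (var reloaded = new X509Certificate2(pfx, password, X509KeyStorageFlags.EphemeralKeySet))
        {
            if (!reloaded.HasPrivateKey)
                return false;

            byte[] data = Encoding.ASCII.GetBytes("pfx round-trip check");
            using (RSA fromPfx = reloaded.GetRSAPrivateKey())
            {
                byte[] sig = fromPfx.SignData(data, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
                return expectedKey.VerifyData(data, sig, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            }
        }
    }

    public static void Main()
    {
        using (RSA rsa = RSA.Create(2048))
        {
            X509Certificate2 pub = MakePublicOnlyCert(rsa);
            Console.WriteLine("HasPrivateKey before: " + pub.HasPrivateKey);   // False

            byte[] pfx = BuildPfx(pub, rsa, "Test");
            Console.WriteLine("PFX bytes: " + pfx.Length);

            Console.WriteLine("PFX holds matching key: " + PfxContainsMatchingKey(pfx, "Test", rsa));   // True
        }
    }
}
```

The sign-and-verify round trip is the check worth keeping in a real exporter: HasPrivateKey only says that some key reference was attached, while a successful verification against the original key proves the PFX actually carries the private key that belongs to the certificate.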

0 Answers

Nobody has answered this question yet.


User contributions licensed under CC BY-SA 3.0