Exporting a Certificate and Its Private Key Without Sharing a Password With All Parties Involved
Windows Server 2012 and Windows 8 support a new feature that lets you use an Active Directory user or group account to protect a certificate and its private key.

http://windowsitpro.com/windows-server-2012/exporting-certificate-and-its-private-key-without-sharing-password-all-parties-i