This is a shorter post than usual, hoping to help someone who is trying to add an SSL certificate to a Hosted Service in Azure and is a certificate newbie like myself. I just wasted almost an hour going about it in the wrong way, or actually on the wrong OS (as far as I can tell).
Short summary: Use a Windows Server, not Windows 7, to create your Certificate Signing Request (CSR), complete the certificate creation and export the needed .PFX file
I bought a certificate through GoDaddy, went through the certificate signing process from my Windows 7 machine, but was never able to export a .PFX file (option was greyed out) to upload on the Azure Management Portal. I tried and tried for over an hour, before I found some signs on the internet that the OS might play a difference. So I instead connected with Remote Desktop to one of my web role instances and went through the process there instead, and everything worked fine! I created my Certificate Signing Request using IIS Manager, uploaded it to GoDaddy (where I bought the SSL certificate), downloaded the created certificate, installed the intermediate certificate through MMC and then completed the certificate process through IIS by importing the .CRT file from GoDaddy. I could thereafter export the certificate from IIS as a .PFX file and upload it to Windows Azure.
I followed the step-by-step instructions here to generate the CSR and install the certificate in IIS 7: