You can test this all for yourself... Install yourself a windows server (Virtual if needbe), setup a CA on it, then setup a website in IIS and request yourself a certificate & install it. Check the certificate out using the certificate snap in and you'll see it has a private key. Connect to the website from another machine and grab the certificate and compare the difference.
Then if you want to experiment with re-establishing an SSL tunnel, setup another virtual machine and install ISA 2006 on it. Use its reverse proxy feature to publish your website, you'll see it only works with a certificate containing the private key.
You'll find that the certificate you grab from a Sony server won't contain a private key. Without your certificate containing a private key your not going to be able to establish another tunnel with the PS3.