I am running SignTool with the following arguments and keep getting the same failure.
D:\Sectigo-Signmycode>"C:\Program Files (x86)\Windows Kits\10\bin\10.0.22000.0\x64\signtool.exe" ^
sign /debug /fd SHA256 ^
/f keyfile.pfx /p password ^
/td SHA256 ^
/a MyExecutable.exe
SignTool Error: An unexpected internal error has occurred. Error information: "Error: Store::ImportCertObject() failed." (-2146885630/0x80092002)
Error lookup returns "An error occurred during encode or decode operation". Windows 10 system.
I've tried SHA384 with same results. Passing invalid arguments gives the standard expected errors. However, and invalid password gives the above error. Numerous argument combinations have been tried.
The Security Certificate has only just been acquired.
Generation of the keyfile.pfx with correct password has been triple checked.
/debug has no effect.
Any ideas and/or help would be appreciated.
I had the exact same problem. Code-signing cert obtained from Sectigo via SignMyCode.com ... the problem was not with any of the signtool paramaters rather that SignMyCode.com gave me the wrong instructions to convert the .crt file(s) and .key file into a .pfx file. If you are using an online tool to create your .pfx file then you might have the same problem.
They initially advised I use the SSL Tools site which does not work to create valid .pfx files (ie resulting in the 0x80092002 error) ... when I went back to them and challenged this, they then said to use SSL Shopper. I created a .pfx file using this site and it worked perfectly first time.
I appreciate you may not be using any online tool to create your .pfx file (or you might have been provided with a .pfx file directly), but if you are, try the second link above.