We are signing our files using credentials from an spc-file and a private key stored in a pfx-file. We would like to start using SignTool instead of SignCode for this. Converting the signing info into a pfx file is a piece of cake using pkv2pfx.exe but the resulting file can be used by anyone to sign files (using signtool.exe). With Sign code, if someone not authorized got his hands on the spc and pfx, the program prompted for a password in order to sign a file.
My question is: how can I create a pfx file from my spc/pvk pair that requires a password in order to function?
Editing the pfx, removing any stored password that way, would also solve the problem, if possible (as long as the user gets prompted for password when using the file).