For signing singleimage installation packages and the executables inside the packages I use a code signing certificate obtained from Sectigo. Recently I got an email from Sectigo that certificates will no longer be  issued in the form of a pfx file, but as a token instead which is compatible with the Microsoft Certificate Store.

To be prepared for the change I decided to import my certificate into the Microsoft Certificate Store and change the signing from using pfx file into certificate store. InstallShield Express recognised my certificate from the Cetificate Store , Digest Selection: based on the certificate hash and I started the build of the project.

Instead of the predicted multiple password requests, I got error 1027 for every signing  attempt.

Is this error 1027 caused by the fact that the certificate is a SHA384 and not a SHA1 or SHA256?

The signing using the pfx file works perfect. 

Jos