Error signing an MSI package, what's going on?

I just obtained a code signing certificate from DigiCert. I've got the Microsoft Authenticode one. I was surprised they didn't ask me for a private key (I think it was generated in the browser). After exporting it from Firefox to a P12-file, I tried signing my app with it and it failed:

C:\Users\pupeno\>"C:\Program Files (x86)\Windows Kits\10\bin\x86\signtool.exe" sign /v /f key_and_cert.p12 app.msi
SignTool Error: An unexpected internal error has occurred.
Error information: "Error: Store::ImportCertObject() failed." (-2146885630/0x80092002)

Any ideas what's going on?

DigiCert support help me through this problem and they were amazing. I'm not sure I found the actual solution to that command line issue, but there's a workaround.

Using the DigiCert SSL Utility I imported the cert and since it was the only private key/cert I had on my system, removing it from the command line picked it automatically.

The working command line ended up being like this:

"C:\Program Files (x86)\Windows Kits\10\bin\x86\signtool.exe" sign /tr http://timestamp.digicert.com /td sha256 /fd sha256 /a "app.msi"