"SignTool Error: Access Denied" during TFS 2010 Build

I get a "SignTool Error: Access Denied" message when I try to sign a file. When I use an admin cmd, everything works fine. However, this process will be used during the TFS 2010 build, and using the InvokeProcess task with signtool gives the same access denied message as a non-administrator command line does.

Additional Information:

After following these instructions, I have the following files:

  • Myca.cer
  • Myca.pvk
  • MySPC.cer
  • MySPC.pvk
  • Myspc.pfx

MyCA is in my trusted root certificate authorities. I imported MySPC.pfx into personal certificates, following the tips here: SignTool error: access denied

To do the signing, I use the MySPC.pfx fingerprint that was imported into the Personal section, so my signtool command looks like this:

sign /sha1 1e9d7b5ad98552d9c58944e3f3903e6b929f4819 /t http://timestamp.verisign.com/scripts/timestamp.dll "FileName"

Again, this works in administrator mode. This also works when running cmd as an administrator:

sign /f "C:\Code Signing Non-Release\MySPC.pfx" /t http://timestamp.verisign.com/scripts/timestamp.dll "FileName"

New to code signing in general, so any help is appreciated.


There may be a problem with the permissions of the certificate keys - see http://blog.alner.net/archive/2011/11/18/signing-exes-and-msis-with-signtool-via-tfs-builds.aspx


I had the same problem, but with TeamCity. Signtool.exe can sign my .msi if it is used on the command line as an administrator, but not from an automatic build.

In Windows Server 2008, 2008 R2, and 2012, the certificate store is actually kept in this folder:

C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys

You will need to grant the user that runs the build server READ access to this folder.

Once you do this, run it again and you will find that it should work correctly.

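A tighter variant of the fix described in the second answer, added here as an example and not taken from either answer: instead of granting the build account read access to the whole MachineKeys folder, locate the single private key file that belongs to the signing certificate and grant read access to that file only. It assumes (these are not from the page) that the certificate was imported into the LocalMachine\My store with a legacy CSP key, that the build runs as the account in $BuildAccount (a placeholder), and that the thumbprint is the one from the question.

```powershell
# Added example: least-privilege alternative to granting READ on all of MachineKeys.
# Assumptions (not from the page): LocalMachine\My store, legacy CSP (CAPI) key,
# build service account in $BuildAccount. Run from an elevated PowerShell session.
param(
    [string]$Thumbprint   = '1e9d7b5ad98552d9c58944e3f3903e6b929f4819',  # from the question
    [string]$BuildAccount = 'DOMAIN\tfsbuild'                            # placeholder account
)

$cert = Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.Thumbprint -eq $Thumbprint }
if (-not $cert)                { throw "Certificate $Thumbprint not found in LocalMachine\My" }
if (-not $cert.HasPrivateKey)  { throw "Certificate has no private key; re-import the .pfx with its key" }

# For CSP keys the unique container name is also the file name under MachineKeys.
$cspInfo = $cert.PrivateKey.CspKeyContainerInfo
if (-not $cspInfo) { throw "Key is not a legacy CSP key (CNG keys are stored elsewhere)" }
$keyFile = Join-Path "$env:ProgramData\Microsoft\Crypto\RSA\MachineKeys" $cspInfo.UniqueKeyContainerName
if (-not (Test-Path $keyFile)) { throw "Key file $keyFile not found" }

# Show who can read the key today, then add a read-only entry for the build account.
Write-Host "Current ACL on $keyFile"
(Get-Acl $keyFile).Access | Select-Object IdentityReference, FileSystemRights | Format-Table -AutoSize
icacls $keyFile /grant "${BuildAccount}:(R)"

# Confirm the grant took effect.
(Get-Acl $keyFile).Access |
    Where-Object { $_.IdentityReference -like "*$($BuildAccount.Split('\')[-1])*" } |
    Select-Object IdentityReference, FileSystemRights
```

After the ACL change, the build step's signtool call can read the key without running elevated, and the key remains unreadable to every other non-administrative account on the build server; `signtool verify /pa /v "FileName"` on the produced binary confirms the signature chains correctly.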

Source: https://habr.com/ru/post/1388637/
