Signing a Custom Package File with the Installed Certificate

Signing a Custom Package File with the Installed Certificate
There are several ways to sign a custom package file with the installed certificate. Two common methods are to either use Jamf Composer or the command line:
Method 1—Use Composer
Open Composer Preferences.

Ensure the Build flat PKGs checkbox is selected.

Select the Sign with: checkbox and choose your certificate from the pop-up menu.
Click Save.
When a new package is created with these settings, it will be signed by the certificate.

Method 2—Use the Command Line
Open Terminal and enter a command similar to the following:

/usr/bin/productsign –sign “”

For example, if the certificate common name was “JamfSign”, the command would be the following:

/usr/bin/productsign –sign “JamfSign” ~/Desktop/CustomPackage.pkg ~/Desktop/CustomPackage-signed.pkg

Link
https://docs.jamf.com/technical-articles/Creating_a_Signing_Certificate_Using_Jamf_Pros_Built-in_CA_to_Use_for_Signing_Configuration_Profiles_and_Packages.html

Creating a Signing Certificate Using Jamf Pro’s Built-in CA to Use for Signing Configuration Profiles and Packages
https://docs.jamf.com/technical-articles/Creating_a_Signing_Certificate_Using_Jamf_Pros_Built-in_CA_to_Use_for_Signing_Configuration_Profiles_and_Packages.html