I recently returned to an old PGB app and found the same thing. For Windows universal apps (that run on Windows Phone 10) you now need to upload a .pfx file at Account->Edit Account->Signing Keys, under the Windows 10 heading. There are instructions on how to make a .pfx for dev purposes @ How to create an app package signing certificate (Windows), which is frankly, a pain. But as I understand it you'll need a 'proper' code-signing certificate from a 3rd party to publish a Windows 10 app in the Windows store.
So, having done the song and dance for the creating a dev signing certificate, I decided just to upload our 3rd-party (distribution) signing certificate and use that all the time. BTW, to get that to work, I had to import the original into the Windows certificate manager and export only the final cert in the chain (turn off the 'include all certificates in the chain option). The password you apply there is the one you'll have to use on PGB to unlock the cert for builds.
www.ksoftware.net does some cheap(ish) code-signing certificates. You can use them for desktop Windows apps too (which is how I happened to already have one).
Hope this helps.