Is there a best practices/correct way of code signing the installer via CPACK?

Using the NSIS/CPack package modules, is there a variable (I cant find one) to set to point the installer to a code signing certificate?

If so What formats are supported?

If not, what settings need to get setup to sign the installer?