slawek/azure-storage-emulator
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix: improve feedback during PFX file generation and secure password handling

Browse Source
This commit is contained in:
Sławek Koszewski
2026-03-03 12:40:17 +01:00
parent 76c812794c
commit fb7ec2ac9e
1 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
cert-functions.sh
View File

@@ -155,17 +155,17 @@ function make_pfx() {
fi fi
if [[ ! -f "$CERT_DIR/${CERT_NAME}.pfx" ]]; then if [[ ! -f "$CERT_DIR/${CERT_NAME}.pfx" ]]; then
echo "Generating PKCS#12 (PFX) file..." echo -n "Generating PKCS#12 (PFX) file..."
# Avoid exposing the password in the command line by passing it via stdin to openssl if ! openssl pkcs12 \
if ! printf "%s\n" "$PFX_PASSWORD" | openssl pkcs12 \
-export -out "$CERT_DIR/${CERT_NAME}.pfx" \ -export -out "$CERT_DIR/${CERT_NAME}.pfx" \
-inkey "$CERT_DIR/${CERT_NAME}_key.pem" \ -inkey "$CERT_DIR/${CERT_NAME}_key.pem" \
-in "$CERT_DIR/${CERT_NAME}_cert.pem" \ -in "$CERT_DIR/${CERT_NAME}_cert.pem" \
-certfile "$CERT_DIR/ca_cert.pem" \ -certfile "$CERT_DIR/ca_cert.pem" \
-password pass:stdin; then -password pass:"$PFX_PASSWORD"; then
echo "ERROR: Failed to generate PKCS#12 (PFX) file." >&2 echo "ERROR: Failed to generate PKCS#12 (PFX) file." >&2
return 1 return 1
fi fi
echo "done."
else else
echo "PKCS#12 (PFX) file already exists, aborting generation." echo "PKCS#12 (PFX) file already exists, aborting generation."
return 1 return 1