fix: improve feedback during PFX file generation and secure password handling

cert-functions.sh

@@ -155,17 +155,17 @@ function make_pfx() {
     fi
 
     if [[ ! -f "$CERT_DIR/${CERT_NAME}.pfx" ]]; then
-        echo "Generating PKCS#12 (PFX) file..."
-        # Avoid exposing the password in the command line by passing it via stdin to openssl
-        if ! printf "%s\n" "$PFX_PASSWORD" | openssl pkcs12 \
+        echo -n "Generating PKCS#12 (PFX) file..."
+        if ! openssl pkcs12 \
             -export -out "$CERT_DIR/${CERT_NAME}.pfx" \
             -inkey "$CERT_DIR/${CERT_NAME}_key.pem" \
             -in "$CERT_DIR/${CERT_NAME}_cert.pem" \
             -certfile "$CERT_DIR/ca_cert.pem" \
-            -password pass:stdin; then
+            -password pass:"$PFX_PASSWORD"; then
             echo "ERROR: Failed to generate PKCS#12 (PFX) file." >&2
             return 1
         fi
+        echo "done."
     else
         echo "PKCS#12 (PFX) file already exists, aborting generation."
         return 1