No password on openssl::export::pkcs12 not working as expected

[edestecd]

The default of false for out_pass does not work.

Per this, you need to specify a blank password to get no password.
This is our experience as well.
http://stackoverflow.com/questions/27497723/export-a-pkcs12-file-without-an-export-password

A current workaround is to set

out_pass => ''

However this is not a permanent solution and the default should really work.

I think this code should fix it:

      $passout_opt = $out_pass ? {
        false   => '-passout pass:',
        default => "-passout pass:${out_pass}",
      }

[edestecd]

Another option is to change the default to undef:

define openssl::export::pkcs12(
  $basedir,
  $pkey,
  $cert,
  $ensure    = present,
  $chaincert = false,
  $in_pass   = false,
  $out_pass  = undef,
) {

[edestecd]

Let me know your opinion and I'll gladly make a PR.

[raphink]

I think a PR for that would be fine. @cjeanneret do you see any issue with that?

[raphink]

Imo, the undef option would be better.

[raphink]

Any interest in providing a PR for this still?

[stale]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.