URL: https://github.com/freeipa/freeipa/pull/1315 Author: flo-renaud Title: #1315: Fix ipa-replica-install when key not protected by PIN Action: opened PR body: """ When ipa-replica-install is called in a CA-less environment, the certs, keys and pins need to be provided with --{http|dirsrv|pkinit}-cert-file and --{http|dirsrv|pkinit}-pin. If the pin is not provided in the CLI options, and in interactive mode, the installer prompts for the PIN. The issue happens when the keys are not protected by any PIN, the installer does not accept an empty string and keeps on asking for a PIN. The fix makes sure that the installer accepts an empty PIN. A similar fix was done for ipa-server-install in https://pagure.io/freeipa/c/4ee426a68ec60370eee6f5aec917ecce444840c7 Fixes: https://pagure.io/freeipa/issue/7274 """ To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/1315/head:pr1315 git checkout pr1315