From 159de5e11d16c5eb019749bdf0285d4f233b54a1 Mon Sep 17 00:00:00 2001
From: Alexandre Bourget <alex@bourget.cc>
Date: Fri, 29 May 2015 22:47:55 -0400
Subject: [PATCH] When providing no passphrase, don't encrypt the key.

---
 cmd/new_cert.go | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/cmd/new_cert.go b/cmd/new_cert.go
index 6e78e9d..f6e558c 100644
--- a/cmd/new_cert.go
+++ b/cmd/new_cert.go
@@ -83,7 +83,13 @@ func newCertAction(c *cli.Context) {
 	if err = depot.PutCertificateSigningRequest(d, name, csr); err != nil {
 		fmt.Fprintln(os.Stderr, "Save certificate request error:", err)
 	}
-	if err = depot.PutEncryptedPrivateKeyHost(d, name, key, passphrase); err != nil {
-		fmt.Fprintln(os.Stderr, "Save key error:", err)
+	if len(passphrase) == 0 {
+		if err = depot.PutPrivateKeyHost(d, name, key); err != nil {
+			fmt.Fprintln(os.Stderr, "Save key error:", err)
+		}
+	} else {
+		if err = depot.PutEncryptedPrivateKeyHost(d, name, key, passphrase); err != nil {
+			fmt.Fprintln(os.Stderr, "Save key error:", err)
+		}
 	}
 }