I have been scratching my head over this one. The credential that are stored in this case are the creds used to access the API for our service in order that the script can upload the certs generated through Certify. If I “run as” a different user, I need to store that creds for that user so that Certify can elevate.
Currently, I read in the API creds from a JSON file, but this is in clear text. It irks me that I am doing this, and I really dislike pointing other customers to do the same. I am not a strong enough scripter to come up with something better at this time.