In my automation environment, I'm running most Posh-ACME commands with the common -Verbose parameter for better troubleshooting the case of an error.

I now realized, that the New-PACertificate function logs the PFX Password I'm passing to the function (even when passed as SecureString).
IMHO, secrets should never be logged - not even in verbose mode.

It would be nice, if secrets would be redacted before sent to log...