If you're managing certmgr definitions via a SCM, you want to see the diff
for how one of these files changed; however, you don't want to expose the auth
key via that diff.
Thus add an option to allow reading the auth_key from a file. That file you
tell your SCM to not show changes in, but for certmgr definitions that consume
it, using auth_key_file allows you to again show those diffs.
If you're managing certmgr definitions via a SCM, you want to see the diff for how one of these files changed; however, you don't want to expose the auth key via that diff.
Thus add an option to allow reading the auth_key from a file. That file you tell your SCM to not show changes in, but for certmgr definitions that consume it, using auth_key_file allows you to again show those diffs.