Handle an uninitialized token when adding CA certs to an NSS db
The getcert -a option will add the CA chain to an NSS database.
It will create this database if it doesn't already exist. For
sqlite database it is created with an uninitialized PIN. Catch
this condition and set an empty PIN.
Related to: https://pagure.io/certmonger/issue/155