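function Set-CertPermissions {
    <#
    .SYNOPSIS
        Assigns Certificate Permissions for a user.

    .DESCRIPTION
        Looks up a certificate in Cert:\LocalMachine\My by thumbprint, resolves the
        file that backs its RSA private key, and adds an Allow/FullControl access
        rule for the given account to that file's ACL.

        The key file is searched for in the RSA MachineKeys directory first and in
        the Crypto\Keys directory second. If the certificate, its unique key name
        or the key file cannot be found, an error is written and no ACL is changed.

    .PARAMETER certThumprint
        Thumbprint of the certificate in the LocalMachine\My store. (The parameter
        name keeps its original spelling so existing callers continue to work.)

    .PARAMETER user
        Account that receives the access rule on the private key file.
    #>
    [CmdletBinding()]
    Param(
        [Parameter(Mandatory=$true)]
        [string]$certThumprint,

        [Parameter(Mandatory=$true)]
        [string]$user
    )

    $logLead = Get-LogLeadName

    # Fail early with a clear message instead of passing $null to GetRSAPrivateKey.
    $certObj = Get-ChildItem "Cert:\LocalMachine\my\$certThumprint" -ErrorAction SilentlyContinue
    if (-not $certObj) {
        Write-Error "$logLead : Did not find a certificate for $certThumprint in Cert:\LocalMachine\my."
        return
    }

    $rsaCert = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($certObj)

    if (-not ($rsaCert.key -and $rsaCert.key.UniqueName)) {
        Write-Error "$logLead : Unable to determine Unique Key Name for $certThumprint"
        return
    }

    $fileName = $rsaCert.key.UniqueName
    $directoryRsaMachineKeys = Join-Path "C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys\" $fileName
    $directoryCryptoKeys = Join-Path "C:\ProgramData\Microsoft\Crypto\Keys\" $fileName

    if (Test-Path $directoryRsaMachineKeys) {
        $path = $directoryRsaMachineKeys
    } elseif (Test-Path $directoryCryptoKeys) {
        $path = $directoryCryptoKeys
    } else {
        # The original message referenced $certThumbprint, which is not defined in this
        # function, so the thumbprint was missing from the error text.
        Write-Error "$logLead : Did not find an associated ACL File for $certThumprint."
        # Stop here: continuing would call Get-Acl/Set-Acl with an unset $path.
        return
    }

    $permissions = Get-Acl -Path $path

    # NOTE(review): FullControl also allows $user to delete the key file and rewrite its
    # ACL. An account that only needs to use the private key usually needs Read only;
    # confirm what callers require before narrowing this grant.
    $rule = New-Object Security.AccessControl.FileSystemAccessRule $user, "FullControl", Allow
    $permissions.AddAccessRule($rule)
    Set-Acl -Path $path -AclObject $permissions
}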