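function Repair-SDKAlkamiDeveloperCertificatePermissions {
    <#
    .SYNOPSIS
        Grants the supplied identities access to the expected Alkami developer certificates.

    .DESCRIPTION
        Looks up a fixed list of certificates by common name in LocalMachine\My and calls
        Set-AclOnCert for every (certificate, identity) pair, once for the "My" store and once,
        best effort, for the "TrustedPeople" store.

        Nothing is changed if two or more certificates in LocalMachine\My share a friendly name
        that matches 'Alkami': the function warns about each duplicated name and returns.

        A common name that resolves to no certificate is reported with a warning and skipped, so
        Set-AclOnCert is never called with an empty thumbprint.

    .PARAMETER PermittedIdentities
        One or more identities to grant access to. Each value is passed unchanged to
        Set-AclOnCert -Identity.

    .NOTES
        NOTE(review): the grant is "FullControl". Set-AclOnCert is defined elsewhere; presumably it
        edits the ACL on the certificate's private key, in which case FullControl also lets the
        identity rewrite that ACL. If the identities only need to use the key, confirm whether
        "Read" is sufficient.
    #>
    [CmdletBinding()]
    param(
        [Parameter(Mandatory = $true)]
        [ValidateNotNullOrEmpty()]
        [string[]]$PermittedIdentities
    )

    $logLead = Get-LogLeadName

    # Refuse to touch any ACL while the store holds more than one certificate with the same
    # Alkami friendly name: the lookups below could otherwise act on the wrong certificate.
    $certs = Get-ChildItem Cert:\LocalMachine\my\ | Where-Object { $_.FriendlyName -match 'Alkami' }
    $certGroups = $certs | Group-Object -Property FriendlyName

    $shouldExit = $false
    foreach ($group in $certGroups) {
        if ($group.Count -gt 1) {
            Write-Warning "$logLead : You have too many certificates locally with the friendly name [$($group.Name)]"
            $shouldExit = $true
        }
    }

    if ($shouldExit) {
        return
    }

    # Common names of the certificates whose permissions are repaired, in lookup order.
    $expectedCommonNames = @(
        "*.dev.alkamitech.com",
        "Alkami Issued Token",
        "Alkami RPSTS",
        "Alkami Mutual Client",
        (Get-FullyQualifiedServerName),
        "Alkami Mutual Service"
    )

    $expectedCerts = @()
    foreach ($commonName in $expectedCommonNames) {
        # "+=" with $null appends a $null element to the array, which would later reach
        # Set-AclOnCert as an empty thumbprint, so drop empty lookup results here.
        $found = @(Find-CertificateByName -CommonName $commonName -StoreLocation LocalMachine -StoreName My |
                Where-Object { $null -ne $_ })

        if ($found.Count -eq 0) {
            Write-Warning "$logLead : No certificate found for common name [$commonName]; skipping"
            continue
        }

        $expectedCerts += $found
    }

    foreach ($cert in $expectedCerts) {
        Write-Host "Updating [$($cert.FriendlyName)] for [$($PermittedIdentities)]"

        foreach ($identity in $PermittedIdentities) {
            Set-AclOnCert -Thumbprint $cert.Thumbprint -Identity $identity -FileSystemRights "FullControl" -Type "Allow" -StoreName "My"

            # Best effort: errors from the TrustedPeople call are suppressed on purpose
            # (presumably because not every certificate is present in that store).
            Set-AclOnCert -Thumbprint $cert.Thumbprint -Identity $identity -FileSystemRights "FullControl" -Type "Allow" -StoreName "TrustedPeople" -ErrorAction SilentlyContinue
        }
    }
}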