21 lines
779 B
PowerShell
21 lines
779 B
PowerShell
function Set-AclOnCert {
|
|
[CmdletBinding()]
|
|
param(
|
|
[psobject]$Thumbprint,
|
|
[string]$Identity,
|
|
[string]$FileSystemRights,
|
|
[string]$Type,
|
|
[string]$StoreName
|
|
)
|
|
|
|
$mycert = Get-Item -Path cert:\LocalMachine\$StoreName\$Thumbprint
|
|
$keyPath = $env:ProgramData + "\Microsoft\Crypto\RSA\MachineKeys\"
|
|
$keyName = $mycert.PrivateKey.CspKeyContainerInfo.UniqueKeyContainerName
|
|
$keyFullPath = $keyPath + $keyName
|
|
$acl = (Get-Item $keyFullPath).GetAccessControl("Access")
|
|
$permission=$Identity,$FileSystemRights,$Type
|
|
$accessRule = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList $permission
|
|
$acl.AddAccessRule($accessRule)
|
|
Set-Acl -Path $keyFullPath -AclObject $acl
|
|
}
|