Is the LogonSessionId account assigned read access in new certificates?

I have a question that (hopefully) someone can shed light on. I wrote a PowerShell script that imports the certificate into the Local Machine repository and assigns Everyone Read access to the private key of the certificate.

Now I have a working script that does this, but I noticed that an account called "LogonSessionId_0_some-random-number" is assigned read permissions in the private key ACL, as shown in the following image:

LogonSessionID in ACL

At first I thought it could be my script, maybe it is, but when I manually import the certificate, I get the same result.


    # $getCerts holds the subject pattern to match; it is defined elsewhere in the script.
    $sslCert = Get-ChildItem Cert:\LocalMachine\My | Where-Object { $_.Subject -match $getCerts }
    $sslCertPrivKey = $sslCert.PrivateKey
    # Locate the key container file that backs the certificate's private key.
    $privKeyCertFile = Get-Item -Path "$ENV:ProgramData\Microsoft\Crypto\RSA\MachineKeys\*" | Where-Object { $_.Name -eq $sslCertPrivKey.CspKeyContainerInfo.UniqueKeyContainerName }
    $privKeyAcl = (Get-Item -Path $privKeyCertFile.FullName).GetAccessControl("Access")
    # Add an allow rule granting Everyone read access, then write the ACL back.
    $permission = "Everyone","Read","Allow"
    $accessRule = New-Object System.Security.AccessControl.FileSystemAccessRule $permission
    $privKeyAcl.AddAccessRule($accessRule)
    Set-Acl $privKeyCertFile.FullName $privKeyAcl

Windows 10 Pro.


+6
1


0
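To audit what the question describes, the following added example (not part of the original post) lists every entry in a private key file's ACL by SID and labels logon-session SIDs and broad grants such as Everyone. The function names `Get-KeyAclFinding` and `Get-PrivateKeyAclReport` and the sample SIDs are hypothetical; the key file path is assumed to be the one the question's script resolves under `MachineKeys`.

```powershell
# Added example: classify private-key ACL entries by well-known SID pattern.
function Get-KeyAclFinding {
    param(
        [Parameter(Mandatory)] [string] $Sid,
        [Parameter(Mandatory)] [string] $Rights
    )
    $note = switch -Regex ($Sid) {
        # S-1-5-5-X-Y is the per-logon-session SID, displayed as LogonSessionId_X_Y.
        '^S-1-5-5-\d+-\d+$' { 'Logon session SID; tied to a single logon session'; break }
        '^S-1-1-0$'         { 'Everyone: broad grant on a private key'; break }
        '^S-1-5-11$'        { 'Authenticated Users: broad grant on a private key'; break }
        '^S-1-5-32-545$'    { 'BUILTIN\Users: broad grant on a private key'; break }
        default             { 'Compare with the accounts that actually need the key' }
    }
    [pscustomobject]@{ Sid = $Sid; Rights = $Rights; Note = $note }
}

function Get-PrivateKeyAclReport {
    param([Parameter(Mandatory)] [string] $KeyFilePath)
    $acl = Get-Acl -Path $KeyFilePath
    # Request the rules as SIDs so entries are matched by value, not display name.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($rule in $rules) {
        Get-KeyAclFinding -Sid $rule.IdentityReference.Value -Rights $rule.FileSystemRights
    }
}

# Constructed sample SIDs (not taken from the page), so the classifier runs
# without a certificate present:
'S-1-5-5-0-123456', 'S-1-1-0', 'S-1-5-18' |
    ForEach-Object { Get-KeyAclFinding -Sid $_ -Rights 'Read' }

# Against a real key file (path variable as in the question's script):
# Get-PrivateKeyAclReport -KeyFilePath $privKeyCertFile.FullName
```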

Source: https://habr.com/ru/post/1629259/

