public static void AddPrivateKeyReadPermission(this X509Certificate2 cert, IdentityReference account)
{
string location = NativeMethods.GetKeyLocation(cert);
if (location == null)
{
throw new CertificateNotFoundException("The certificate private key was not found. Manually add permissions for the service account to read this private key");
}
FileInfo info = new FileInfo(location);
info.AddFileSecurity(account, FileSystemRights.Read, AccessControlType.Allow);
}
