diff --git a/ssl_mgmt/ssl_mgmt b/ssl_mgmt/ssl_mgmt
index f1c9cb1..42496dd 100755
--- a/ssl_mgmt/ssl_mgmt
+++ b/ssl_mgmt/ssl_mgmt
@@ -219,8 +219,10 @@ generate_cert ()
 	then
 		return 1
 	fi
+	getfacl "$keyPath" | setfacl --set-file=- newkeys/$keyFile
 	mv newkeys/$keyFile private
 	openssl ca -batch -out newcerts/$certFile -config $confFile -passin file:/root/passwords/root_ca -infiles csr/$reqFile
+	getfacl "$certPath" | setfacl --set-file=- newcerts/$certFile
 	mv newcerts/$certFile certs
 	cat private/$keyFile certs/$certFile > private/$keycertFile
 	return 0