The following procedure explains how to add providers to the system. You must become an administrator who is assigned the Crypto Management rights profile. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.2 .
% cryptoadm list User-level providers: Provider: /usr/lib/security/$ISA/pkcs11_kernel.so Provider: /usr/lib/security/$ISA/pkcs11_softtoken.so /usr/lib/security/$ISA/pkcs11_tpm.so: all mechanisms are enabled. Kernel software providers: des aes arcfour blowfish camellia sha1 sha2 md4 md5 rsa swrand n2rng/0 ncp/0 n2cp/0
Existing provider software has been issued a certificate by Oracle.
You need to refresh providers if you added a software provider, or if you added hardware and specified policy for the hardware.
# svcadm refresh svc:/system/cryptosvc
In this case, a new kernel software provider was installed.
# cryptoadm list … Kernel software providers: des aes arcfour blowfish camellia ecc sha1 sha2 md4 md5 rsa swrand sha3 <-- added provider …
In the following example, a signed PKCS #11 library is installed.
# pkgadd -d /cdrom/cdrom0/PKCSNew Answer the prompts # svcadm refresh system/cryptosvc # cryptoadm list user-level providers: ========================== /usr/lib/security/$ISA/pkcs11_kernel.so /usr/lib/security/$ISA/pkcs11_softtoken.so /usr/lib/security/$ISA/pkcs11_tpm.so /opt/lib/$ISA/libpkcs11.so.1 <-- added provider
Developers who are testing a library with the Cryptographic Framework can install the library manually.
# cryptoadm install provider=/opt/lib/\$ISA/libpkcs11.so.1