Managing Encryption and Certificates in Oracle® Solaris 11.2

Exit Print View

Updated: September 2014

Key Management Framework Utilities

    KMF provides methods for managing the storage of keys and provides the overall policy for the use of those keys. KMF can manage the policy, keys, and certificates for three public key technologies:

  • Tokens from PKCS #11 providers, that is, from the Cryptographic Framework

  • NSS, that is, Network Security Services

  • OpenSSL, a file-based keystore

The kmfcfg tool can create, modify, or delete KMF policy entries. The tool also manages plugins to the framework. KMF manages keystores through the pktool command. For more information, see the kmfcfg (1) and pktool (1) man pages, and the following sections.