By default, the Cryptographic Framework is enabled. When the kcfd daemon fails for any reason, the Service Management Facility (SMF) can be used to restart cryptographic services. For more information, see the smf(7) and svcadm(8) man pages. For the effect on zones of restarting cryptographic services, see Cryptographic Framework and Zones.
Before You Begin
You must become an administrator who is assigned the Crypto Management rights profile. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.
$ svcs cryptosvc STATE STIME FMRI offline Dec_09 svc:/system/cryptosvc:default
$ svcadm enable svc:/system/cryptosvc
In the following example, cryptographic services are refreshed in the global zone. Therefore, kernel-level cryptographic policy in every non-global zone is also refreshed.
$ svcadm refresh system/cryptosvc