diff --git a/tasks/install.yml b/tasks/install.yml
index 397bd9b..e08508a 100644
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -19,6 +19,7 @@
     backup: "{{ sshd_backup }}"
   when:
     - sshd_sysconfig|bool
+    - __sshd_sysconfig_supports_use_strong_rng or __sshd_sysconfig_supports_crypto_policy
   notify: reload_sshd
 
 - name: Make sure hostkeys are available and have expected permissions
diff --git a/tests/tests_sysconfig.yml b/tests/tests_sysconfig.yml
index ebd34cf..2ccbf87 100644
--- a/tests/tests_sysconfig.yml
+++ b/tests/tests_sysconfig.yml
@@ -43,10 +43,10 @@
             # these are string variants in default configuration file
             - "'SSH_USE_STRONG_RNG=0' not in config.content | b64decode"
             - "'# SSH_USE_STRONG_RNG=1' not in config.content | b64decode"
-        when:
-          - ansible_facts['os_family'] == "RedHat"
-          - ansible_facts['distribution'] != 'Fedora'
     tags: tests::verify
+    when:
+      - ansible_facts['os_family'] == "RedHat"
+      - ansible_facts['distribution'] != 'Fedora'
 
   - name: "Restore configuration files"
     include_tasks: tasks/restore.yml