OpenSSL Blog

OpenSSL FIPS Update and Expansion of Rebranding Offer


We are thrilled to inform you that the complimentary FIPS rebranding service for our premium support customers has been extended. As part of this non-contractual benefit, premium support customers are entitled to one rebranding of any of our FIPS provider certificates per year, completely free of charge.

We are excited to announce that the OpenSSL project will provide Premium Support Customers the opportunity to access a free rebranding of any of our validated OpenSSL FIPS providers.

Currently, we offer only one rebrandable certificate (#4282) covering the FIPS provider from OpenSSL 3.0.0. However, we are actively working on updating this certificate so that the FIPS provider from OpenSSL 3.0.8 is FIPS 140-2 validated. We also have a FIPS 140-3 validation of OpenSSL 3.1 in progress. While we are not anticipating immediate outcomes from these initiatives, we are pleased to inform you that, once completed, both projects will be eligible for rebranding.

As expected, certain terms and conditions apply to this offer:

  • Only existing FIPS validations can be rebranded. Pending and future validations will not be eligible for rebranding until their certificate is issued.

  • Each premium support customer is limited to rebranding a particular FIPS validation only once.

  • This offer does not apply to the old FOM for OpenSSL 1.0.2.

  • Unused rebrandings cannot be carried forward to the next year.

  • The contract year is defined as the period between the contract’s starting or renewal date and its expiration date, inclusive of those dates.

  • The OpenSSL Management Committee (OMC) reserves the right to refuse a rebranding request for any reason.

To roll out this offering OpenSSL has chosen to work with the highly experienced Intertek Acumen Security as our exclusive provider for this offer.

The rebranding will result in a FIPS module in the Premium Support Customer’s name paid for by OpenSSL Software Services (OSS). The only restriction placed upon the rebranded module is that it cannot be further rebranded for anyone else.

The rebranded module will have the same platforms listed as certificate that was rebranded; additional platforms are not covered under the free rebranding offer.

Once your rebranding is completed, you will be able to add additional platforms at your expense. If you are interested in doing so, you will need to make separate arrangements directly with Intertek Acumen Security after your rebranded certificate has been issued.