On 2023-12-29 we have submitted our FIPS 140-3 validation report to NIST’s Cryptographic Module Validation Program (CMVP).
This in no way impacts our existing FIPS 140-2 certificate which remains valid and will be maintained until its sunset date in September 2026.
You can see the official listing for the submission in the modules in process list (scroll down to the “OpenSSL FIPS Provider” entry from “The OpenSSL Project”).
The algorithm certificates are also available.
The following platforms have been tested:
|Ubuntu Linux 22.04.1 Server
The next step is waiting for the CMVP review. It is likely to be months until a reviewer is assigned.
Once the certificate is issued, premium support customers will be able to take advantage of our no cost rebrand offer for this certificate in addition to the 3.0 certificate.
It isn’t possible to provide a timeframe in which we can be certain the CMVP review process will be complete. It is expected to take many months.