Summary
The Federal Information Processing Standards 140-2 and 140-3 ensure that cryptographic tools implement their algorithms properly. You'll find a complete list of all FIPS 140-2 and FIPS 140-3 certificates at the NIST CMVP website. The Red Hat certificates are below.
A note on applicability: The exact platform and environment tested is specified in the Security Policy for each certificate, though generally applicable to other Red Hat products where the binary versions of modules are running unmodified as well. FIPS 140 certificates issued to Red Hat are not generally applicable to non-Red Hat products. Please see the Security Policy, available at the following links for specifics. Module binaries may be unchanged across Red Hat Enterprise Linux minor releases. In this case, Red Hat reports the same applicable module version and certificate for such releases.
| RHEL 9.5 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
| OpenSSL | 3.0.7-395c1a240fbfffd8 | openssl-fips-provider-3.0.7-6.el9 (1) | Active | #4857 |
Notes: (1) this package contains the binary module originally certified in the openssl-3.0.7-18.el9_2 package, it has been repackaged for distribution purposes but it has not been modified | ||||
| RHEL 9.4 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
| OpenSSL | 3.0.7-395c1a240fbfffd8 | openssl-fips-provider-3.0.7-2.el9 (1) | Active | #4857 |
| Libgcrypt | 1.10.0-8b6840b590cedd43 | libgcrypt-1.10.0-10.el9_2 (2) | Active | #4754 |
| Kernel Cryptographic API | TBD | TBD | Implementation Under Test | N/A |
| GnuTLS | TBD | gnutls-3.8.3-1.el9 | Implementation Under Test | N/A |
| NSS | TBD | nss-3.101.0-10.el9_2 | Implementation Under Test | N/A |
Notes: (1) this package contains the binary module originally certified in the openssl-3.0.7-18.el9_2 package, it has been repackaged for distribution purposes but it has not been modified (2) inherited from RHEL 9.0, this package has not been modified | ||||
| RHEL 9.2 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
| OpenSSL | 3.0.7-395c1a240fbfffd8 | openssl-3.0.7-18.el9_2 | Active | #4857 |
Libgcrypt | 1.10.0-8b6840b590cedd43 | libgcrypt-1.10.0-10.el9_2 (1) | Active | |
Kernel Cryptographic API | kernel 5.14.0-284.57.1.el9_2, libkcapi 1.3.1-3.el9 | kernel-5.14.0-284.57.1.el9_2, libkcapi-1.3.1-3.el9, libkcapi-hmaccalc-1.3.1-3.el9 | N/A | |
GnuTLS | 3.7.6-074d015ce201f43 | gnutls-3.7.6-21.el9_2.1, nettle-3.8-3.el9_0.x86_64 | Active | |
NSS | 3.90.0-4408e3bb8a34af3a | nss-3.90.0-6.el9_2 | N/A | |
Notes: (1) inherited from RHEL 9.0, this package has not been modified | ||||
| RHEL 9.0 | ||||
|---|---|---|---|---|
| Tested on Red Hat Enterprise Linux 9 running on Dell PowerEdge R440 with an Intel(R) Xeon(R) Silver 4216, IBM z16, and IBM Power10 | ||||
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
OpenSSL | 3.0.1-3f45e68ee408cd9c | openssl-3.0.1-46.el9_0.3 | Active | |
Libgcrypt | 1.10.0-8b6840b590cedd43 | libgcrypt-1.10.0-10.el9_0 | Active | |
Kernel Cryptographic API | kernel 5.14.0-70.53.1.el9_0, libkcapi 1.3.1-3.el9 | kernel-5.14.0-70.53.1.el9_0, libkcapi-1.3.1-3.el9, libkcapi-hmaccalc-1.3.1-3.el9 | Active | |
GnuTLS | 3.7.6-66803fa128d6a6e5 | gnutls-3.7.6-19.el9_0 | Active | |
NSS | 4.34.0-a20cd33fbbe14357 | nss-softokn-3.79.0-18.el9_0, nss-softokn-freebl-3.79.0-18.el9_0 | Active | |
| RHEL 8.10 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
OpenSSL | rhel8.20231130 | openssl-1.1.1k-12.el8_9 (1) | Active | |
Kernel Cryptographic API | TBD | TBD | N/A | |
Libgcrypt | rhel8.20210628 | libgcrypt-1.8.5-7.el8_6 (2) | Active | |
| NSS | 3.101.0-36157fa50e4c0485 | nss-3.101.0-11.el8_8 | Review Pending | N/A |
| GnuTLS | TBD | gnutls-3.6.16-8.el8_9.3 | Scenario 3A revalidation | N/A |
Notes: (1) the same binary module as in RHEL 8.6, 8.8, 8.9 and 8.10, it has been repackaged for distribution purposes but it has not been modified (2) inherited from RHEL 8.6, this package has not been modified | ||||
| RHEL 8.9 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
OpenSSL | rhel8.20231130 | openssl-1.1.1k-12.el8_9 (1) | Active | |
Libgcrypt | rhel8.20210628 | libgcrypt-1.8.5-7.el8_6 (2) | Active | |
Notes: (1) the same binary module as in RHEL 8.6, 8.8, 8.9 and 8.10, it has been repackaged for distribution purposes but it has not been modified (2) inherited from RHEL 8.6, this package has not been modified | ||||
| RHEL 8.8 | ||||
|---|---|---|---|---|
| Tested on Red Hat Enterprise Linux 8 running on Dell PowerEdge R440 with an Intel(R) Xeon(R) Silver 4216, IBM z15, IBM POWER9 and IBM Power10 | ||||
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
OpenSSL | rhel8.20231130 | openssl-1.1.1k-12.el8_8 (1) | Active | |
Libgcrypt | rhel8.20210628 | libgcrypt-1.8.5-7.el8_6 (2) | Active | |
Kernel Cryptographic API | kernel 4.18.0-477.72.1.el8_8.x86_64, libkcapi-1.2.0-3.el8_8.x86_64 | kernel-4.18.0-477.72.1.el8_8, libkcapi-1.2.0-3.el8_8, and libkcapi-hmaccalc-1.2.0-3.el8_8 | N/A | |
NSS | 3.101.0-36157fa50e4c0485 | nss-3.101.0-11.el8_8 | N/A | |
GnuTLS | rhel8.20240328 | gnutls-3.6.16-7.el8_8.3 | Active | #4428 |
Notes: (1) the same binary module as in RHEL 8.6, 8.8, 8.9 and 8.10, it has been repackaged for distribution purposes but it has not been modified (2) inherited from RHEL 8.6, this package has not been modified | ||||
| RHEL 8.7 | ||||
|---|---|---|---|---|
| Tested on Red Hat Enterprise Linux 8 running on Dell PowerEdge R440 with an Intel(R) Xeon(R) Silver 4216, IBM z15, IBM POWER9 and IBM Power10 | ||||
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
Libgcrypt | rhel8.20210628 | libgcrypt-1.8.5-7.el8_6 (1) | Active | |
GnuTLS | rhel8.20220830 | gnutls-3.6.16-5.el8_6 | Replaced by rhel8.20240328 | N/A |
Notes: (1) inherited from RHEL 8.6, this package has not been modified | ||||
| RHEL 8.6 | ||||
|---|---|---|---|---|
| Tested on Red Hat Enterprise Linux 8 running on Dell PowerEdge R440 with an Intel(R) Xeon(R) Silver 4216, IBM z15, IBM POWER9 and IBM Power10 | ||||
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
OpenSSL | rhel8.20231130 | openssl-1.1.1k-12.el8_6 | Active | |
Libgcrypt | rhel8.20210628 | libgcrypt-1.8.5-7.el8_6 | Active | |
Kernel Cryptographic API | kernel 4.18.0-372.52.1.el8_6, libkcapi 1.2.0-2.el8 | kernel-4.18.0-372.52.1.el8_6, libkcapi-1.2.0-2.el8, libkcapi-hmaccalc-1.2.0-2.el8 | Active | |
GnuTLS | rhel8.20220830 | gnutls-3.6.16-4.el8_6 | Replaced by rhel8.20240328 | N/A |
NSS | rhel8.20211124 | nss-3.67.0-7.el8_5 | Active | |
| RHEL 8.5 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
OpenSSL | rhel8.20220323 | openssl-1.1.1k-6.el8_5 | Active | |
Libgcrypt | rhel8.20210628 | libgcrypt-1.8.5-6.el8 | Updated | N/A |
Kernel Cryptographic API | rhel8.20211004 | kernel-4.18.0-348.el8 | Active | |
NSS | rhel8.20210708 | 3.67.0-6.el8_4 | Updated | N/A |
GnuTLS | rhel8.20210628 | gnutls-3.6.16-4.el8 | Updated | N/A |
| RHEL 8.4 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
| OpenSSL | rhel8.20210325 | openssl-1.1.1g-15.el8_3 | Active | #4271 |
| Libgcrypt | rhel8.20200615 | libgcrypt-1.8.5-4.el8 | Active | #4397 |
| Kernel Cryptographic API | rhel8.20210614 | kernel-4.18.0-305.7.1.el8_4 | Active | #4384 |
| GnuTLS | rhel8.20210401 | gnutls-3.6.14-8.el8_3 | Active | #4272 |
| NSS | rhel8.20201215 | nss-3.53.1-17.el8_3 | Active | #4413 |
| RHEL 7.9 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
Kernel Cryptographic API | rhel7.20210526 | kernel-3.10.0-1160.31.1.el7 | Active | |
| RHEL 7.8 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
Kernel Cryptographic API | rhel7.20200812 | kernel-3.10.0-1127.19.1.el7 | Active | |
| RHEL 7.7 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
OpenSSL | rhel7.20190409 | openssl-1.0.2k-19.el7 | Historical | |
Kernel Cryptographic API | rhel7.20200812 | kernel-3.10.0-1127.19.1.el7 | Active | |
GnuTLS | 7.0 | gnutls-3.3.29-9.el7_6.x86_64.rpm | Historical | |
NSS | rhel7.20190606 | nss-softokn-3.44.0-5.el7 | Active | |
OpenSSH Server | rhel7.20190626 | openssh-7.4p1-21.el7 | Historical | |
OpenSSH Client | rhel7.20190626 | openssh-7.4p1-21.el7 | Historical | |
Libreswan | rhel7.20190509 | libreswan-3.25-4.8.el7_6 | Historical | |
Products in Scope
- Red Hat Enterprise Linux
- 9.5
- 9.4
- 9.2
- 9.0
- 8.10
- 8.9
- 8.8
- 8.7
- 8.6
- 8.5
- 8.4
- 7.9
- 7.8
- 7.7
Meta Data
Products
Regions
Industries
