Summary
The Federal Information Processing Standards 140-2 and 140-3 ensure that cryptographic tools implement their algorithms properly. You'll find a complete list of all FIPS 140-2 and FIPS 140-3 certificates at the NIST CMVP website. The Red Hat certificates are below.
A note on applicability: The exact platform and environment tested is specified in the Security Policy for each certificate, though generally applicable to other Red Hat products where the binary versions of modules are running unmodified as well. FIPS 140 certificates issued to Red Hat are not generally applicable to non-Red Hat products. Please see the Security Policy, available at the following links for specifics. Module binaries may be unchanged across Red Hat Enterprise Linux minor releases. In this case, Red Hat reports the same applicable module version and certificate for such releases.
| RHEL 9.4 - FIPS 140-3 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
| OpenSSL | 3.0.7-395c1a240fbfffd8 | openssl-fips-provider-3.0.7-2.el9 | Active | #4857 |
| Libgcrypt | 1.10.0-8b6840b590cedd43 | libgcrypt-1.10.0-10.el9_2 | Active | #4754 |
| Kernel Cryptographic API | TBD | TBD | -- | N/A |
| GnuTLS | TBD | gnutls-3.8.3-1.el9 | -- | N/A |
| NSS | TBD | TBD | -- | N/A |
| RHEL 9.2 - FIPS 140-3 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
| OpenSSL | 3.0.7-395c1a240fbfffd8 | openssl-3.0.7-18.el9_2 | Active | #4857 |
Libgcrypt | 1.10.0-8b6840b590cedd43 | libgcrypt-1.10.0-10.el9_2 | Active | |
Kernel Cryptographic API | kernel 5.14.0-284.57.1.el9_2, libkcapi 1.3.1-3.el9 | kernel-5.14.0-284.57.1.el9_2, libkcapi-1.3.1-3.el9, libkcapi-hmaccalc-1.3.1-3.el9 | N/A | |
GnuTLS | 3.7.6-074d015ce201f43 | gnutls-3.7.6-21.el9_2.1, nettle-3.8-3.el9_0.x86_64 | Active | |
NSS | 3.90.0-4408e3bb8a34af3a | nss-3.90.0-6.el9_2 | N/A | |
| RHEL 9.0 - FIPS 140-3 | ||||
|---|---|---|---|---|
| Tested on Red Hat Enterprise Linux 9 running on Dell PowerEdge R440 with an Intel(R) Xeon(R) Silver 4216, IBM z16, and IBM Power10 | ||||
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
OpenSSL | 3.0.1-3f45e68ee408cd9c | openssl-3.0.1-46.el9_0.3 | Active | |
Libgcrypt | 1.10.0-8b6840b590cedd43 | libgcrypt-1.10.0-10.el9_0 | Active | |
Kernel Cryptographic API | kernel 5.14.0-70.53.1.el9_0, libkcapi 1.3.1-3.el9 | kernel-5.14.0-70.53.1.el9_0, libkcapi-1.3.1-3.el9, libkcapi-hmaccalc-1.3.1-3.el9 | Active | |
GnuTLS | 3.7.6-66803fa128d6a6e5 | gnutls-3.7.6-19.el9_0 | Active | |
NSS | 4.34.0-a20cd33fbbe14357 | nss-softokn-3.79.0-18.el9_0, nss-softokn-freebl-3.79.0-18.el9_0 | Active | |
| RHEL 8.10 - FIPS 140-2 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
OpenSSL | rhel8.20231130 | openssl-1.1.1k-12.el8_9 | Active | |
Kernel Cryptographic API | TBD | TBD | --- | N/A |
Libgcrypt | rhel8.20210628 | libgcrypt-1.8.5-7.el8_6 | Active | |
| RHEL 8.9 - FIPS 140-2 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
OpenSSL | rhel8.20231130 | openssl-1.1.1k-12.el8_9 | Active | |
Libgcrypt | rhel8.20210628 | libgcrypt-1.8.5-7.el8_6 | Active | |
| RHEL 8.8 - FIPS 140-2 | ||||
|---|---|---|---|---|
| Tested on Red Hat Enterprise Linux 8 running on Dell PowerEdge R440 with an Intel(R) Xeon(R) Silver 4216, IBM z15, IBM POWER9 and IBM Power10 | ||||
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
OpenSSL | rhel8.20231130 | openssl-1.1.1k-12.el8_8 | Active | |
Libgcrypt | rhel8.20210628 | libgcrypt-1.8.5-7.el8_6 | Active | |
Kernel Cryptographic API | kernel 4.18.0-477.72.1.el8_8.x86_64, libkcapi-1.2.0-3.el8_8.x86_64 | kernel-4.18.0-477.72.1.el8_8, libkcapi-1.2.0-3.el8_8, and libkcapi-hmaccalc-1.2.0-3.el8_8 | N/A | |
NSS | TBD | nss-3.90.0-6.el8_8 | N/A | |
GnuTLS | rhel8.20240328 | gnutls-3.6.16-7.el8_8.3 | Active | #4428 |
| RHEL 8.7 - FIPS 140-2 | ||||
|---|---|---|---|---|
| Tested on Red Hat Enterprise Linux 8 running on Dell PowerEdge R440 with an Intel(R) Xeon(R) Silver 4216, IBM z15, IBM POWER9 and IBM Power10 | ||||
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
Libgcrypt | rhel8.20210628 | libgcrypt-1.8.5-7.el8_6 | Active | |
GnuTLS | rhel8.20220830 | gnutls-3.6.16-5.el8_6 | Replaced by rhel8.20240328 | N/A |
| RHEL 8.6 - FIPS 140-2 | ||||
|---|---|---|---|---|
| Tested on Red Hat Enterprise Linux 8 running on Dell PowerEdge R440 with an Intel(R) Xeon(R) Silver 4216, IBM z15, IBM POWER9 and IBM Power10 | ||||
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
OpenSSL | rhel8.20231130 | openssl-1.1.1k-12.el8_6 | Active | |
Libgcrypt | rhel8.20210628 | libgcrypt-1.8.5-7.el8_6 | Active | |
Kernel Cryptographic API | kernel 4.18.0-372.52.1.el8_6, libkcapi 1.2.0-2.el8 | kernel-4.18.0-372.52.1.el8_6, libkcapi-1.2.0-2.el8, libkcapi-hmaccalc-1.2.0-2.el8 | N/A | |
GnuTLS | rhel8.20220830 | gnutls-3.6.16-4.el8_6 | Active | |
NSS | rhel8.20211124 | nss-3.67.0-7.el8_5 | Replaced by rhel8.20240328 | N/A |
| RHEL 8.5 - FIPS 140-2 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
OpenSSL | rhel8.20220323 | openssl-1.1.1k-6.el8_5 | Active | |
Libgcrypt | rhel8.20210628 | libgcrypt-1.8.5-6.el8 | Updated | N/A |
Kernel Cryptographic API | rhel8.20211004 | kernel-4.18.0-348.el8 | Active | |
NSS | rhel8.20210708 | 3.67.0-6.el8_4 | Updated | N/A |
GnuTLS | rhel8.20210628 | gnutls-3.6.16-4.el8 | Updated | N/A |
| RHEL 8.4 - FIPS 140-2 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
| OpenSSL | rhel8.20210325 | openssl-1.1.1g-15.el8_3 | Active | #4271 |
| Libgcrypt | rhel8.20200615 | libgcrypt-1.8.5-4.el8 | Active | #4397 |
| Kernel Cryptographic API | rhel8.20210614 | kernel-4.18.0-305.7.1.el8_4 | Active | #4384 |
| GnuTLS | rhel8.20210401 | gnutls-3.6.14-8.el8_3 | Active | #4272 |
| NSS | rhel8.20201215 | nss-3.53.1-17.el8_3 | Active | #4413 |
| RHEL 7.9 - FIPS 140-2 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
Kernel Cryptographic API | rhel7.20210526 | kernel-3.10.0-1160.31.1.el7 | Active | |
| RHEL 7.8 - FIPS 140-2 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
Kernel Cryptographic API | rhel7.20200812 | kernel-3.10.0-1127.19.1.el7 | Active | |
| RHEL 7.7 - FIPS 140-2 | ||||
|---|---|---|---|---|
| Cryptographic Module | Module Version | Associated Packages | Validation Status | Certificate |
OpenSSL | rhel7.20190409 | openssl-1.0.2k-19.el7 | Historical | |
Kernel Cryptographic API | rhel7.20200812 | kernel-3.10.0-1127.19.1.el7 | Active | |
GnuTLS | 7.0 | gnutls-3.3.29-9.el7_6.x86_64.rpm | Historical | |
NSS | rhel7.20190606 | nss-softokn-3.44.0-5.el7 | Active | |
OpenSSH Server | rhel7.20190626 | openssh-7.4p1-21.el7 | Historical | |
OpenSSH Client | rhel7.20190626 | openssh-7.4p1-21.el7 | Historical | |
Libreswan | rhel7.20190509 | libreswan-3.25-4.8.el7_6 | Historical | |
Products in Scope
- Red Hat Enterprise Linux
- 9.4
- 9.2
- 9.0
- 8.10
- 8.9
- 8.8
- 8.7
- 8.6
- 8.5
- 8.4
- 7.9
- 7.8
- 7.7
Meta Data
Products
Regions
Industries
