possible. Extended support for 1.1.1 and 1.0.2 to gain access to security fixes
for those versions is [available](/support/contracts.html).
-The following OpenSSL version(s) are FIPS validated:
+The following OpenSSL version(s) are FIPS validated. Versions marked as historic
+were previously validated, but are no longer listed on the current certificate:
OpenSSL Version | Certificate | Security Policy
:-: | :-: | :-:
+3.0.9 | [certificate][cert4282] | [security policy][secpol 3.0.9]
3.0.8 | [certificate][cert4282] | [security policy][secpol 3.0.8]
-3.0.0 | [certificate][cert4282] | [security policy][secpol 3.0.0]
+3.0.0 (historic) | [certificate][cert4282] | [security policy][secpol 3.0.0]
[cert4282]: https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/4282
[secpol 3.0.0]: fips-doc/openssl-3.0.0-security-policy-2023-01-26.pdf
[secpol 3.0.8]: fips-doc/openssl-3.0.8-security-policy-2023-05-05.pdf
+[secpol 3.0.9]: fips-doc/openssl-3.0.9-security-policy-2024-01-12.pdf
<br>
For a list of CVEs and their impact on validated FIPS providers, visit the