documentation is included in each OpenSSL distribution under the docs
directory.
+* I need a FIPS validated offering
+
+Please see
+@@@https://www.openssl.org/docs/fips.html@@@; the OpenSSL project is no longer
+involved in private label validations nor adding platforms to the existing
+certificates.
+
* How can I contact the OpenSSL developers?
The README file describes how to submit bug reports and patches to
<header><h2>FIPS-140</h2></header>
<div class="entry-content">
- <p>The most recent open source based validation of a cryptographic
+ <p>The current validation of a cryptographic
module (Module) compatible with the OpenSSL 1.0.2
is v2.0.16, FIPS 140-2 certificate <a
href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/Certificate/1747">#1747</a>.
(revision 2.0.16).
</p>
+ <p>
+ Neither validation will work with any release other than 1.0.2.
+ The OpenSSL project is no longer maintaining either the 1747
+ or the 2398 module. This includes adding platforms to those
+ validations.
+ We are starting work on a new validation, after the 1.1.1
+ release completes.
+ That module will have a small set of validated operational
+ environments.
+ The OpenSSL project is no longer involved in private label
+ validations nor adding platforms to the existing certificates.
+ </p>
+
<p>
Here is the complete set of files. Note that if you are interested
in the "1747" validation, you only need the three files mentioned
source based validated module directly. You must obtain your
own validation.</li>
- <li>None of the validations will work with OpenSSL 1.1.0 or
- later.</li>
-
- <li>We are starting work on a new validation based on the
- upcoming 1.1.1 release.</li>
-
</ul>
</div>