
OpenSSL

OpenSSL is the dominant open-source C library implementing TLS and a wide catalogue of cryptographic primitives (AES, SHA-2/3, RSA, ECDSA, X25519 and, since 3.x, post-quantum candidates via providers). It underpins most Linux-hosted TLS stacks: web servers (NGINX, Apache), databases (Postgres, MySQL), brokers (Kafka, Redpanda), SSH libraries, and language runtimes. OpenSSL ships both as a library linked by applications and as an openssl(1) command-line tool.

FIPS-validated builds

Since OpenSSL 3.x, FIPS 140 validation is delivered via a provider module (a distinct artefact from the core library) that gates the advertised algorithm surface to FIPS-approved primitives only.

  • OpenSSL 3.0.9 — validated for FIPS 140-2; under NIST review for FIPS 140-3 at the time of Redpanda's 2025-05-20 post (Source: sources/2025-05-20-redpanda-implementing-fips-compliance-in-redpanda).
  • OpenSSL 3.1.2 — validated for FIPS 140-3; Redpanda's late-2025 upgrade target to remain compliant once FIPS 140-2 sunsets (2026-02-22 per NIST).

A FIPS-validated build doesn't replace the default OpenSSL install: it ships as a parallel FIPS provider module (a shared object loaded by libcrypto) plus configuration files (openssl.cnf, fipsmodule.cnf). Applications in FIPS mode load the validated module at startup and refuse to negotiate non-approved algorithms.
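As an added illustration of what "load the validated module at startup" means in practice (this is an example assembled for this page, not configuration shipped by OpenSSL or Redpanda), the following openssl.cnf follows the layout documented in OpenSSL's fips_module(7) manual page. It activates the FIPS provider alongside the base provider (which supplies only encoders/decoders, no algorithms) and pins the default property query to `fips=yes`, so that any algorithm fetch, including those made by TLS, resolves only to the validated module. The install path `/usr/local/ssl/fipsmodule.cnf` is an assumption; the file itself is generated by `openssl fipsinstall` against the built `fips.so` and carries the module's integrity checksum.

```ini
# openssl.cnf for a FIPS-only process (example for this page; the
# fipsmodule.cnf path is an assumption and depends on your install prefix)
config_diagnostics = 1
openssl_conf = openssl_init

# Generated by: openssl fipsinstall -module <path>/fips.so -out fipsmodule.cnf
# It contains the module's HMAC-SHA256 integrity value and self-test state,
# which is why it is a separate artefact from the library build itself.
.include /usr/local/ssl/fipsmodule.cnf

[openssl_init]
providers = provider_sect
alg_section = algorithm_sect

[provider_sect]
fips = fips_sect
base = base_sect

# The base provider supplies key/cert encoders and decoders only; it does
# not add any cryptographic algorithms, so it cannot widen the boundary.
[base_sect]
activate = 1

# The [fips_sect] section itself comes from the included fipsmodule.cnf
# (it sets activate = 1 plus the self-test and integrity values).

[algorithm_sect]
# Every fetch that does not specify its own property query now demands
# a FIPS-validated implementation; non-approved algorithms fail to load.
default_properties = fips=yes
```

With this file selected via `OPENSSL_CONF`, `openssl list -providers` should show both `base` and `fips` as active and the default provider absent, and a request for a non-approved algorithm such as `openssl dgst -md5` fails with an "unsupported" fetch error rather than silently falling back to the default provider. That failure is the observable property of the boundary: the gate is enforced at algorithm-fetch time, not by the application's own allow-list.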

Why validated-module distribution looks different from ordinary binaries

Validated-module distribution carries a per-primitive lag that ordinary library releases don't: any patch touching crypto code requires NIST re-validation before it can be consumed inside a FIPS boundary. This is structurally distinct from the normal "upgrade to get the latest CVE fix" cadence, and compliance operators inside the boundary pay the validation-lag cost as part of the boundary.

Downstream vendors integrating OpenSSL FIPS mode (Redpanda, GitHub, AWS-for-GovCloud, etc.) typically ship two parallel artefacts, a default build linked against upstream OpenSSL and a FIPS build linked against a NIST-validated OpenSSL release, so customers inside and outside the boundary can share the same upgrade pipeline. Redpanda's two-package split (redpanda-fips + redpanda-rpk-fips installable alongside the base packages) is the canonical wiki instance.
