Customer PortalContact Us
FIPS 140 Rebranding

FIPS 140 Rebranding Service.

Available exclusively to Engineering and Enterprise Support customers, giving your organization its own validated FIPS certificate at no extra cost.

FIPS
140-3
CMVP · #4985
Validated · active to 2030
— Why rebrand

A certificate in your name.

Procurement teams, auditors, and government buyers increasingly require a FIPS 140 certificate issued to your organization — not a third party's. Rebranding gives you a validated module under your own name, so you can answer an RFP, pass an audit, or sell into a regulated market without re-running validation yourself.

Win regulated deals

Meet procurement and RFP requirements that mandate a FIPS-validated module in your company's name.

Pass audits faster

Hand auditors a certificate listed on the NIST CMVP under your organization — clear, verifiable, official.

Skip the validation effort

Reuse OpenSSL's existing validated module instead of funding and running a full FIPS validation yourself.

— Benefits

Your own validated FIPS certificate, on us.

Engineering and Enterprise Support customers are entitled to complimentary FIPS rebranding. This service issues a validated OpenSSL FIPS Provider certificate in your organization’s name, managed exclusively in partnership with Lightship Security.

OpenSSL 3.1.2, validated under FIPS 140-3 and issued certificate #4985, is now available for rebranding. This validation remains active until 10 March 2030, ensuring long-term compliance with the latest cryptographic standards.

Organizations may also reference prior validated modules — certificates #4282 and #4811 (OpenSSL 3.0.8 / 3.0.9, FIPS 140-2, valid until 21 September 2026) — as part of OpenSSL’s ongoing record of FIPS-certified releases.

Managed by Lightship Security

Validation and rebranding are handled by Lightship Security, an accredited cryptographic-module testing laboratory — so your certificate is issued through an official CMVP-recognized process.

  • One complimentary rebrand per year (Engineering)
  • Multiple rebrands annually (Enterprise)
  • Certificate issued in your organization’s name
  • Managed by Lightship Security
  • Cost-free with Engineering and Enterprise Support
  • Backed by the OpenSSL Corporation
— How it works

From request to your certificate.

A guided process, managed end-to-end with Lightship Security. You bring the organization details; we handle the validation mechanics.

01

Confirm eligibility

Rebranding is included with Engineering and Enterprise Support. We confirm your plan and the module you need.

02

Scope with Lightship

We map the validated OpenSSL module to your requirements and gather the details for the certificate.

03

Validation paperwork

Lightship manages the CMVP-recognized rebranding process against the active OpenSSL FIPS validation.

04

Certificate in your name

You receive a validated FIPS 140-3 certificate issued to your organization — ready for audits, RFPs, and customers.

Included at no extra cost with Engineering and Enterprise Support.View support plans
— Certificates

A record of validated releases.

#4985
OpenSSL 3.1.2
FIPS 140-3 · active until 10 Mar 2030
Current · rebrandable
View on NIST CMVP
#4811
OpenSSL 3.0.8 / 3.0.9
FIPS 140-2 · valid until 21 Sep 2026
View on NIST CMVP
#4282
OpenSSL 3.0.8 / 3.0.9
FIPS 140-2 · valid until 21 Sep 2026
View on NIST CMVP
Request your FIPS rebrand Engineering Support · 1×/year · Enterprise Support · multiple/year
— Questions

FIPS rebranding, answered.

Which FIPS standard does the certificate cover?

The current module (OpenSSL 3.1.2, certificate #4985) is validated under FIPS 140-3 and remains active until 10 March 2030. Prior validated modules #4811 and #4282 (OpenSSL 3.0.8/3.0.9, FIPS 140-2, valid until 21 Sep 2026) can also be referenced.

Can we ship the validated module inside our product?

Yes — that’s the purpose of rebranding. The certificate is issued in your organization’s name so you can deploy and sell it within your own products and regulated environments.

Who actually performs the validation work?

Lightship Security, an accredited cryptographic-module testing laboratory, manages the rebranding through the official CMVP-recognized process — backed by the OpenSSL Corporation.

My platform isn’t covered by your security policy — what can we do?

Various modifications can be made during the rebranding effort to include new platforms. OpenSSL and Lightship will work with you to facilitate this.

How many rebrands are included?

Engineering Support includes one complimentary rebrand per year; Enterprise Support supports multiple rebrands annually — useful if you ship validated modules across several products.

What does it cost?

FIPS rebranding is included at no extra cost with Engineering and Enterprise Support plans.

— Contact us

Talk to the team.

USA
OpenSSL Software Services Inc.
40 E Main St, Suite 744
Newark, DE 19711
Czech Republic
OpenSSL Software Services Czech, s.r.o.
Kotlářská 989/51a
602 00 Brno
VAT ID: CZ22314229
Email
corporation@openssl.org
Send us a message