TuxCare Advances AlmaLinux 9.6 FIPS 140-3 Certification: All Cryptographic Modules Now on NIST’s Modules in Process List
TuxCare
This milestone confirms that each module has successfully passed accredited lab testing and received the required CAVP/ESV certificates. The modules are now awaiting final CMVP review and certificate issuance, bringing AlmaLinux 9.6 within reach of full FIPS 140-3 validation.
Additionally, Libgcrypt has been updated and re-validated for 9.2 and retested under the 9.6 OE, which will make it the first Active 9.6 module.
TuxCare’s Extended Security Updates offering provides a complete set of FIPS-validated AlmaLinux packages required for regulated workloads, including the kernel, OpenSSL, GnuTLS, NSS and Libcrypt.
FIPS 140-3 certification is mandatory for U.S. and Canadian federal agencies, contractors, and cloud providers serving them, and is increasingly adopted by organizations handling regulated or sensitive data. By managing the validation process, TuxCare eliminates the need for enterprises to invest heavily in cryptographic expertise, infrastructure, and certification costs – reducing compliance complexity while ensuring long-term security.
“Achieving MIP status for all four modules demonstrates clear progress on the path to delivering FIPS 140-3 certification for AlmaLinux 9.6,” said Michael Canavan, Chief Revenue Officer at TuxCare. “For our customers in defense, government, healthcare, and finance, this ensures a predictable compliance roadmap and a trusted platform to build their critical workloads on.”
TuxCare’s Extended Security Updates (ESU) program ensures that AlmaLinux 9.2, 9.6, and 9.10 will all benefit from:
- Long-term patch coverage with High and Critical security updates for validated versions
- FIPS-compliant patching that maintains validated cryptography across the lifecycle
- Fast-track re-certification for cryptographic CVEs, much faster than the general FIPS process
By aligning ESU with the lifetime of FIPS certificates, TuxCare ensures AlmaLinux systems remain secure, audit-ready, and compliant for up to five years — without forcing rushed migrations or costly revalidation.
With AlmaLinux 9.2 already FIPS-certified and AlmaLinux 9.6 modules now under CMVP review, TuxCare is on track to deliver continuous FIPS-validated assurance across AlmaLinux releases. This reinforces AlmaLinux’s position as a stable, enterprise-ready, RHEL-compatible OS for organizations that cannot afford compromises in compliance or security.
TuxCare sister company CloudLinux, a platinum-level sponsor of the AlmaLinux OS Foundation, covered the FIPS 140-3 certification process costs for the AlmaLinux 9.2 kernel, OpenSSL, GnuTLS, NSS and Libcrypt.
To learn more about FIPS for AlmaLinux, visit:
https://tuxcare.com/fips-for-almalinux/
About TuxCare
TuxCare is on a mission to reduce the world’s risk of cyber exploitation. Through its automated rebootless security patching solutions, enterprise-grade support, vulnerability management tools, and endless lifecycle support services for open-source software, TuxCare allows thousands of organizations to rapidly remediate vulnerabilities and make their organization enterprise-ready with increased security and compliance. The world’s largest enterprises, government agencies, service providers, universities, and research institutions are protected by TuxCare on over one 1.2 million workloads and growing. For more information, go to https://tuxcare.com.
DeShea Witcher
TuxCare
marketing@tuxcare.com
Legal Disclaimer:
EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.
