PALO ALTO, Calif. – September 3, 2024 – TuxCare, a global innovator in enterprise-grade cybersecurity for Linux, today announced it received a CMVP–validated certificate for the AlmaLinux 9.2 kernel and is now on the NIST Active list. 

TuxCare’s  Extended Security Updates offering provides a complete set of FIPS-validated AlmaLinux packages required for regulated workloads, including the kernel, OpenSSL, GnuTLS, NSS and Libcrypt. The OpenSSL certificate is expected in the upcoming weeks with the other packages waiting for their certificates on the MIP list. Packages on the MIP list have successfully passed all required certification tests and have received the required CAVP/ESV certificates. This means that they are just waiting for NIST to process the report submitted by the accredited certification lab (atsec in our case) and issue the final CMVP-validated certificates. 

FIPS 140-3 certification for AlmaLinux provided by TuxCare opens up a vast array of opportunities for AlmaLinux users, as it eliminates the need for any significant investment, cryptographic expertise and time to successfully achieve such a certification. With FIPS 140-3 compliance required for U.S. and Canadian federal agencies as well as government contractors and other organizations providing them services, FIPS for AlmaLinux stands as a notable business enabler. The Extended Security Updates, delivering FIPS-validated AlmaLinux packages,   also ensure:

• Long-term High and Critical security updates for AlmaLinux 9.2, 9.6, and 9.10 (FIPS-certified releases)
• FIPS-compliant security patches that do not change the validated cryptography to ensure FIPS 140-3 continuity
• Re-certification for cryptographic CVEs (much faster than the general FIPS 140-3 certification process)

“This achievement marks a significant step forward in our commitment to delivering FIPS 140-3 certification for AlmaLinux,” said Michael Canavan, Chief Revenue Officer at TuxCare. “It’s especially pleasing to bring FIPS certification for AlmaLinux to our customers so quickly, so that they can take full advantage of their certification status as they confidently and securely grow their business, both today and onward.”

TuxCare sister company CloudLinux, a platinum-level sponsor of the AlmaLinux OS Foundation, covered the FIPS 140-3 certification process costs for the AlmaLinux 9.2 kernel, OpenSSL, GnuTLS, NSS and Libcrypt. 

To learn more about FIPS for AlmaLinux, visit:

https://tuxcare.com/fips-for-almalinux/

About TuxCare

TuxCare is on a mission to reduce the world’s risk of cyber exploitation. Through its automated live security patching solutions and extended lifecycle support services for Linux and open-source software and languages, TuxCare allows thousands of organizations to rapidly remediate vulnerabilities for increased security and compliance. The world’s largest enterprises, government agencies, service providers, universities, and research institutions are protected by TuxCare on over one million workloads and growing.  For more information, go to https://tuxcare.com. 

The post TuxCare Completes FIPS 140-3 Certification for AlmaLinux 9.2 Kernel appeared first on TuxCare.

*** This is a Security Bloggers Network syndicated blog from TuxCare authored by TuxCare Team. Read the original post at: https://tuxcare.com/blog/tuxcare-completes-fips-140-3-certification-for-almalinux-9-2-kernel/