This page was not yet optimized for use on mobile devices.

Microsoft Azure Linux OpenSSL Cryptographic Library

Certificate #4496

Webpage information

Status	active
Validation dates	01.05.2023 , 24.06.2024
Sunset date	21-09-2026
Standard	FIPS 140-2
Security level	1
Type	Software
Embodiment	Multi-Chip Stand Alone
Caveat	When operated in FIPS mode and installed, initialized and configured as specified in Sections 1 and 8 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy
Exceptions	Physical Security: N/A
Description	Microsoft Azure Linux OpenSSL Cryptographic Library is a general-purpose, software cryptographic module that implements FIPS 140-2 approved cryptographic algorithms.
Tested configurations	Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel® Xeon® Platinum 8272CL with PAA Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel® Xeon® Platinum 8272CL without PAA (single-user mode) Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel® Xeon® Platinum 8272CL with PAA Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel® Xeon® Platinum 8272CL without PAA
Vendor	Microsoft Corporation
References	This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Certificate

Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms

AES, AES-128, AES-192, AES-256, CAST, RC2, RC4, RC5, DES, Triple-DES, 3DES, TDEA, IDEA, Camellia, HMAC, HMAC-SHA-256, HMAC-SHA-384, CMAC

Asymmetric Algorithms

ECDSA, ECC, Diffie-Hellman, DSA

Hash functions

SHA-1, SHA-224, SHA-256, SHA-512, SHA-384, SHA-2, SHA-3, SHA3-224, SHA3-256, SHA3-384, SHA3-512, MD4, MD5, RIPEMD, PBKDF

Schemes

MAC, Key Agreement, Key agreement

Protocols

SSH, TLS, TLS 1.2

Randomness

DRBG, RNG, RBG

Libraries

OpenSSL

Elliptic Curves

P-256, P-384, P-521, P-224, P-192

Block cipher modes

ECB, CBC, CTR, OFB, GCM, CCM, XTS

Vendor

Microsoft, Microsoft Corporation

Side-channel analysis

timing attacks

Standards

FIPS 140, FIPS 140-2, FIPS 197, FIPS 186-4, FIPS 180-4, FIPS 202, FIPS 198-1, SP 800-132, NIST SP 800-38A, NIST SP 800-38C, NIST SP 800-38D, NIST SP 800-38E, NIST SP 800-38F, NIST SP 800-38B, NIST SP 800-67, NIST SP 800-90A, NIST SP 800-56A, SP 800-56A, NIST SP 800-135, SP 800-135, SP 800-56C, NIST SP 800-56C, NIST SP 800-132, NIST SP 800-90B, SP 800-90A, SP 800-90B, SP 800-38F, SP 800-131A, SP 800-52, SP 800-38A, SP 800-38B, SP 800-38C, NIST SP 800-52, NIST SP 800-131A, PKCS#1, RFC-3961, RFC 7914, RFC5288

File metadata

Author	Robert Durff
Creation date	D:20240618130429-04'00'
Modification date	D:20240618130429-04'00'
Pages	28
Creator	Microsoft® Word for Microsoft 365
Producer	Microsoft® Word for Microsoft 365

Heuristics

No heuristics are available for this certificate.

References

No references are available for this certificate.

Updates Feed

15.12.2025

The certificate data changed.
Certificate changed

The state was updated.

The following values were inserted: {'policy_json_hash': None}.

The following properties were deleted: ['policy_convert_garbage'].
20.10.2025

The certificate data changed.
Certificate changed

The web extraction data was updated.

The validation_history property was updated.
08.09.2025

The certificate data changed.
Certificate changed

The web extraction data was updated.

The validation_history property was updated.
19.08.2024

The certificate data changed.
Certificate changed

The web extraction data was updated.

The module_name property was set to Microsoft Azure Linux OpenSSL Cryptographic Library.
04.07.2024

The certificate data changed.
Certificate changed

The web extraction data was updated.

The validation_history property was updated, with the [[1, {'_type': 'sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry', 'date': '2024-06-24', 'validation_type': 'Update', 'lab': 'Lightship Security, Inc.'}]] values inserted.

The description property was set to Microsoft Azure Linux OpenSSL Cryptographic Library is a general-purpose, software cryptographic module that implements FIPS 140-2 approved cryptographic algorithms..

The tested_conf property was set to ['Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel® Xeon® Platinum 8272CL with PAA', 'Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel® Xeon® Platinum 8272CL without PAA (single-user mode)', 'Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel® Xeon® Platinum 8272CL with PAA', 'Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel® Xeon® Platinum 8272CL without PAA'].

The PDF extraction data was updated.

The keywords property was updated, with the {'fips_certlike': {'__update__': {'Certlike': {'__delete__': ['Certificate SHS']}}}, 'vendor': {'__update__': {'Microsoft': {'__update__': {'Microsoft': 14}}}}} data.

The policy_metadata property was updated, with the {'pdf_file_size_bytes': 686003, '/CreationDate': "D:20240618130429-04'00'", '/ModDate': "D:20240618130429-04'00'"} data.

The state was updated.

The policy_pdf_hash property was set to 21361595c15de180fce825d91c9d7237e4d79ccc0f3fa24e1c0fd9c4921b9fc9.

The policy_txt_hash property was set to 9b78807ab476659402de6ffbba565d74be97ce3b18e9b2e361aa94321bf649ef.
26.06.2023

The certificate data changed.
Certificate changed

The web extraction data was updated.

The certificate_pdf_url property was set to https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/May 2023_010623_0642.pdf.
18.05.2023

The certificate was first processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4496,
  "dgst": "82ba9b272ce795cd",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "SHS#A2665",
        "KTS#A2665",
        "ECDSA#A2665",
        "CVL#A2665",
        "KAS-SSC#A2665",
        "KAS#A2665",
        "RSA#A2665",
        "SHA-3#A2665",
        "Triple-DES#A2665",
        "KDA#A2665",
        "PBKDF#A2665",
        "DSA#A2665",
        "DRBG#A2665",
        "HMAC#A2665",
        "AES#A2665"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "-"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 4
          },
          "ECDSA": {
            "ECDSA": 16
          }
        },
        "FF": {
          "DH": {
            "Diffie-Hellman": 21
          },
          "DSA": {
            "DSA": 24
          }
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 5
        },
        "CCM": {
          "CCM": 5
        },
        "CTR": {
          "CTR": 2
        },
        "ECB": {
          "ECB": 4
        },
        "GCM": {
          "GCM": 10
        },
        "OFB": {
          "OFB": 1
        },
        "XTS": {
          "XTS": 2
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 39
        }
      },
      "crypto_protocol": {
        "SSH": {
          "SSH": 4
        },
        "TLS": {
          "TLS": {
            "TLS": 22,
            "TLS 1.2": 1
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 11,
          "Key agreement": 2
        },
        "MAC": {
          "MAC": 1
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-192": 2,
          "P-224": 8,
          "P-256": 6,
          "P-384": 8,
          "P-521": 10
        }
      },
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "# A2665": 36,
          "AES-128": 1,
          "AES-192": 1,
          "AES-256": 1,
          "Certificate AES": 1,
          "HMAC- SHA-512": 1,
          "HMAC-SHA- 224": 2,
          "HMAC-SHA-1": 4,
          "HMAC-SHA-256": 6,
          "HMAC-SHA-384": 2,
          "HMAC6": 2,
          "PKCS#1": 4,
          "SHA- 384": 2,
          "SHA- 512": 1,
          "SHA-1": 9,
          "SHA-2": 1,
          "SHA-224": 7,
          "SHA-256": 9,
          "SHA-3": 3,
          "SHA-384": 7,
          "SHA-512": 9,
          "SHA3- 224": 1,
          "SHA3-224": 1,
          "SHA3-256": 3,
          "SHA3-384": 2,
          "SHA3-512": 2
        }
      },
      "fips_security_level": {},
      "hash_function": {
        "MD": {
          "MD4": {
            "MD4": 1
          },
          "MD5": {
            "MD5": 4
          }
        },
        "PBKDF": {
          "PBKDF": 10
        },
        "RIPEMD": {
          "RIPEMD": 1
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 9
          },
          "SHA2": {
            "SHA-2": 1,
            "SHA-224": 7,
            "SHA-256": 9,
            "SHA-384": 7,
            "SHA-512": 9
          },
          "SHA3": {
            "SHA-3": 3,
            "SHA3-224": 1,
            "SHA3-256": 3,
            "SHA3-384": 2,
            "SHA3-512": 2
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 12
        },
        "RNG": {
          "RBG": 1,
          "RNG": 3
        }
      },
      "side_channel_analysis": {
        "SCA": {
          "timing attacks": 1
        }
      },
      "standard_id": {
        "FIPS": {
          "FIPS 140": 2,
          "FIPS 140-2": 10,
          "FIPS 180-4": 2,
          "FIPS 186-4": 8,
          "FIPS 197": 2,
          "FIPS 198-1": 2,
          "FIPS 202": 2
        },
        "NIST": {
          "NIST SP 800-131A": 1,
          "NIST SP 800-132": 2,
          "NIST SP 800-135": 4,
          "NIST SP 800-38A": 3,
          "NIST SP 800-38B": 2,
          "NIST SP 800-38C": 1,
          "NIST SP 800-38D": 2,
          "NIST SP 800-38E": 2,
          "NIST SP 800-38F": 5,
          "NIST SP 800-52": 1,
          "NIST SP 800-56A": 6,
          "NIST SP 800-56C": 3,
          "NIST SP 800-67": 3,
          "NIST SP 800-90A": 6,
          "NIST SP 800-90B": 2,
          "SP 800-131A": 1,
          "SP 800-132": 3,
          "SP 800-135": 2,
          "SP 800-38A": 1,
          "SP 800-38B": 1,
          "SP 800-38C": 1,
          "SP 800-38F": 2,
          "SP 800-52": 1,
          "SP 800-56A": 8,
          "SP 800-56C": 2,
          "SP 800-90A": 5,
          "SP 800-90B": 3
        },
        "PKCS": {
          "PKCS#1": 2
        },
        "RFC": {
          "RFC 7914": 1,
          "RFC-3961": 1,
          "RFC5288": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 25,
            "AES-128": 1,
            "AES-192": 1,
            "AES-256": 1
          },
          "CAST": {
            "CAST": 1
          },
          "RC": {
            "RC2": 1,
            "RC4": 1,
            "RC5": 1
          }
        },
        "DES": {
          "3DES": {
            "3DES": 1,
            "TDEA": 1,
            "Triple-DES": 16
          },
          "DES": {
            "DES": 2
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 7,
            "HMAC": 16,
            "HMAC-SHA-256": 3,
            "HMAC-SHA-384": 1
          }
        },
        "miscellaneous": {
          "Camellia": {
            "Camellia": 1
          },
          "IDEA": {
            "IDEA": 1
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {
        "Microsoft": {
          "Microsoft": 14,
          "Microsoft Corporation": 30
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Robert Durff",
      "/CreationDate": "D:20240618130429-04\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/ModDate": "D:20240618130429-04\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "pdf_file_size_bytes": 686003,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://csrc.nist.gov/publications/detail/sp/800-38f/final",
          "https://csrc.nist.gov/publications/detail/sp/800-38a/final",
          "https://csrc.nist.gov/publications/detail/sp/800-67/rev-2/final",
          "https://csrc.nist.gov/publications/detail/sp/800-56a/rev-3/final",
          "https://csrc.nist.gov/publications/detail/sp/800-135/rev-1/final",
          "https://csrc.nist.gov/publications/detail/sp/800-38e/final",
          "https://csrc.nist.gov/publications/detail/sp/800-38d/final",
          "https://csrc.nist.gov/publications/detail/sp/800-131a/rev-2/final",
          "https://csrc.nist.gov/publications/detail/fips/198/1/final",
          "https://csrc.nist.gov/publications/detail/fips/180/4/final",
          "https://csrc.nist.gov/publications/detail/fips/140/2/final",
          "https://csrc.nist.gov/publications/detail/sp/800-38b/final",
          "https://csrc.nist.gov/publications/detail/fips/186/4/final",
          "https://csrc.nist.gov/publications/detail/fips/202/final",
          "https://docs.microsoft.com/en-us/windows/security/threat-protection/fips-140-validation",
          "https://standards.globalspec.com/std/1955293/ANSI%20X9.31",
          "https://csrc.nist.gov/publications/detail/sp/800-90b/final",
          "https://csrc.nist.gov/publications/detail/sp/800-90a/rev-1/final",
          "https://csrc.nist.gov/publications/detail/fips/197/final",
          "http://creativecommons.org/licenses/by-nd-nc/1.0/",
          "https://csrc.nist.gov/publications/detail/sp/800-56c/rev-2/final",
          "https://csrc.nist.gov/publications/detail/sp/800-38c/final",
          "https://csrc.nist.gov/publications/detail/sp/800-52/rev-2/final",
          "https://csrc.nist.gov/publications/detail/sp/800-132/final"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 28
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_json_hash": null,
    "policy_pdf_hash": "21361595c15de180fce825d91c9d7237e4d79ccc0f3fa24e1c0fd9c4921b9fc9",
    "policy_txt_hash": "9b78807ab476659402de6ffbba565d74be97ce3b18e9b2e361aa94321bf649ef"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode and installed, initialized and configured as specified in Sections 1 and 8 of the Security Policy. The module generates cryptographic keys whose strengths are modified by available entropy",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/May 2023_010623_0642.pdf",
    "date_sunset": "2026-09-21",
    "description": "Microsoft Azure Linux OpenSSL Cryptographic Library is a general-purpose, software cryptographic module that implements FIPS 140-2 approved cryptographic algorithms.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Physical Security: N/A"
    ],
    "fw_versions": null,
    "historical_reason": null,
    "hw_versions": null,
    "level": 1,
    "mentioned_certs": {},
    "module_name": "Microsoft Azure Linux OpenSSL Cryptographic Library",
    "module_type": "Software",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": "2.0",
    "tested_conf": [
      "Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel\u00ae Xeon\u00ae Platinum 8272CL with PAA",
      "Azure Linux 2.0 on Azure Host Hypervisor running on an Azure Compute C2030 Server with an Intel\u00ae Xeon\u00ae Platinum 8272CL without PAA (single-user mode)",
      "Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel\u00ae Xeon\u00ae Platinum 8272CL with PAA",
      "Azure Linux 2.0 running on an Azure Compute C2030 Server with an Intel\u00ae Xeon\u00ae Platinum 8272CL without PAA"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-05-01",
        "lab": "Lightship Security, Inc.",
        "validation_type": "Initial"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2024-06-24",
        "lab": "Lightship Security, Inc.",
        "validation_type": "Update"
      }
    ],
    "vendor": "Microsoft Corporation",
    "vendor_url": "http://www.microsoft.com"
  }
}

Sections