Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.
FortiGate-VM
FortiGate-VM
cert_id 4073 4607
dgst 2478b5cdde898af6 d79d5ca8d078fe26
heuristics/algorithms CVL#C2197, DRBG#C2195, RSA#C2201, ECDSA#C2199, HMAC#C2200, RSA#A1295, KTS#C2201, ECDSA#C2197, DRBG#C2198, SHS#C2199, HMAC#C2197, HMAC#C2199, SHS#C2201, AES#C2197, AES#C2140, RSA#A1294, AES#C2201, SHS#A1295, RSA#C2199, AES#C2199, SHS#A1294, ECDSA#C2201, KTS#C2199, CVL#C2199, SHS#C2197, SHS#C2200, HMAC#C2201, CVL#C2201, RSA#A1296, CVL#C2200, ECDSA#C2200, AES#C2200 CVL#C2197, DRBG#C2195, RSA#C2201, ECDSA#C2199, HMAC#C2200, RSA#A1295, KTS#C2201, KAS#C2199, ECDSA#C2197, DRBG#C2198, SHS#C2199, KAS#A1295, HMAC#C2197, HMAC#C2199, SHS#C2201, AES#C2197, KAS-SSC#A1295, AES#C2140, RSA#A1294, AES#C2201, KAS-SSC#A1294, KAS#C2197, SHS#A1295, RSA#C2199, AES#C2199, SHS#A1294, ECDSA#C2201, KTS#C2199, KAS#C2200, CVL#C2199, KAS#A1294, SHS#C2197, SHS#C2200, HMAC#C2201, CVL#C2201, RSA#A1296, KAS#C2201, CVL#C2200, ECDSA#C2200, AES#C2200
pdf_data/keywords/fips_certlike
  • Certlike:
    • AES (128: 9
    • AES 128: 1
    • AES 256: 1
    • AES-256: 1
    • HMAC SHA-1: 7
    • HMAC SHA-256: 10
    • HMAC SHA-384: 3
    • HMAC SHA-512: 3
    • HMAC-SHA-256: 4
    • PKCS 1: 1
    • RSA PKCS 1: 1
    • SHA-1: 14
    • SHA-224: 2
    • SHA-256: 13
    • SHA-384: 5
    • SHA-512: 5
    • SHA1: 1
    • SHA2- 256: 1
    • SHA2- 384: 1
    • SHA2-256: 4
    • SHA2-384: 2
    • SHA2-512: 3
  • Certlike:
    • AES (128: 9
    • AES 128: 1
    • AES 256: 1
    • AES-256: 1
    • HMAC SHA-1: 7
    • HMAC SHA-256: 10
    • HMAC SHA-384: 3
    • HMAC SHA-512: 3
    • HMAC-SHA-256: 4
    • PKCS 1: 1
    • RSA PKCS 1: 1
    • SHA-1: 14
    • SHA-224: 2
    • SHA-256: 13
    • SHA-384: 5
    • SHA-512: 5
    • SHA1: 1
    • SHA2- 384: 1
    • SHA2-256: 2
    • SHA2-384: 1
    • SHA2-512: 2
pdf_data/keywords/symmetric_crypto
  • AES_competition:
    • AES:
      • AES: 29
      • AES-: 1
      • AES-256: 1
  • constructions:
    • MAC:
      • HMAC: 24
      • HMAC-SHA-256: 2
  • AES_competition:
    • AES:
      • AES: 29
      • AES-256: 1
  • constructions:
    • MAC:
      • HMAC: 25
      • HMAC-SHA-256: 2
pdf_data/keywords/asymmetric_crypto
  • ECC:
    • ECC:
      • ECC: 1
    • ECDH:
      • ECDH: 6
    • ECDSA:
      • ECDSA: 18
  • FF:
    • DH:
      • DH: 6
      • Diffie-Hellman: 18
  • ECC:
    • ECC:
      • ECC: 1
    • ECDH:
      • ECDH: 5
    • ECDSA:
      • ECDSA: 18
  • FF:
    • DH:
      • DH: 5
      • Diffie-Hellman: 16
pdf_data/keywords/crypto_protocol
  • IKE:
    • IKE: 34
    • IKEv2: 2
  • IPsec:
    • IPsec: 30
  • SSH:
    • SSH: 16
  • TLS:
    • SSL:
      • SSL: 3
    • TLS:
      • TLS: 23
      • TLS 1.0: 1
      • TLS 1.1: 1
  • VPN:
    • VPN: 23
  • IKE:
    • IKE: 34
    • IKEv1: 1
    • IKEv2: 3
  • IPsec:
    • IPsec: 30
  • SSH:
    • SSH: 14
  • TLS:
    • SSL:
      • SSL: 3
    • TLS:
      • TLS: 23
      • TLS 1.0: 1
      • TLS 1.1: 2
      • TLS 1.2: 1
  • VPN:
    • VPN: 23
pdf_data/keywords/cipher_mode
  • CBC:
    • CBC: 3
  • CTR:
    • CTR: 1
  • GCM:
    • GCM: 11
  • CBC:
    • CBC: 3
  • CTR:
    • CTR: 1
  • GCM:
    • GCM: 10
pdf_data/keywords/ecc_curve
  • Brainpool:
    • brainpoolP224r1: 1
    • brainpoolP256r1: 1
    • brainpoolP384r1: 1
    • brainpoolP512r1: 1
  • Curve:
    • Curve25519: 1
  • NIST:
    • P-256: 16
    • P-384: 12
    • P-521: 12
    • secp256r1: 1
    • secp384r1: 1
    • secp521r1: 1
  • Brainpool:
    • brainpoolP224r1: 1
    • brainpoolP256r1: 1
    • brainpoolP384r1: 1
    • brainpoolP512r1: 1
  • Curve:
    • Curve25519: 1
  • NIST:
    • P-256: 18
    • P-384: 12
    • P-521: 14
    • secp256r1: 1
    • secp384r1: 1
    • secp521r1: 1
pdf_data/keywords/tee_name
  • IBM:
    • SSC: 1
pdf_data/keywords/standard_id
  • FIPS:
    • FIPS 140: 2
    • FIPS 140-2: 43
    • FIPS140-2: 1
  • NIST:
    • NIST SP 800-90A: 1
    • SP 800-133: 1
    • SP 800-52: 1
    • SP 800-90A: 1
    • SP 800-90B: 1
  • PKCS:
    • PKCS 1: 1
  • RFC:
    • RFC 5246: 1
    • RFC 5288: 1
    • RFC 7296: 1
  • FIPS:
    • FIPS 140: 2
    • FIPS 140-2: 43
  • NIST:
    • NIST SP 800-90A: 1
    • SP 800-133: 1
    • SP 800-52: 1
    • SP 800-90A: 1
    • SP 800-90B: 1
  • PKCS:
    • PKCS 1: 1
  • RFC:
    • RFC 5246: 1
    • RFC 5288: 1
    • RFC 7296: 1
pdf_data/policy_metadata
state/policy_pdf_hash Different Different
state/policy_txt_hash Different Different
web_data/certificate_pdf_url https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/November 2021_011221_0923_signed.pdf https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2023_101023_1100 signed (2).pdf
web_data/date_sunset 21.09.2026
web_data/historical_reason SP 800-56Arev3 transition - replaced by certificate #4607
web_data/status historical active
web_data/sw_versions FortiGate-VM 6.2, build 5611 FortiGate-VM 6.2, build 5203
web_data/validation_history
  • date: 17.11.2021
  • lab: Lightship Security, Inc.
  • validation_type: Initial
  • date: 26.09.2023
  • lab: Lightship Security, Inc.
  • validation_type: Initial