Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.
Nutanix Cryptographic Module for OpenSSL
Nutanix Cryptographic Module for OpenSSL
cert_id 4249 3460
dgst 727a25d0f92f6ff0 c89b4e41f654eea7
heuristics/algorithms HMAC#A1403, Triple-DES#A1403, ECDSA#A1403, DRBG#A1403, CVL#A1403, KAS-SSC#A1403, KAS#A1403, KTS#A1403, RSA#A1403, SHS#A1403, AES#A1403, DSA#A1403 Triple-DES#2801, CVL#1994, KAS#1994, SHS#4465, DSA#1429, ECDSA#1499, KTS#C661, KTS#5562, CVL#1996, HMAC#3708, CVL#1997, Triple-DES#C661, AES#5562, AES#C661, RSA#2991, DRBG#2216
heuristics/module_processed_references/directly_referenced_by 4364, 4365 3473, 3472
heuristics/module_processed_references/indirectly_referenced_by 4364, 4365 3473, 3472
heuristics/policy_processed_references/directly_referenced_by 4364, 4365 3473, 3472
heuristics/policy_processed_references/indirectly_referenced_by 4364, 4365 3473, 3472
pdf_data/keywords/fips_certlike
  • Certlike:
    • AES [197: 1
    • AES- 256: 1
    • AES-128: 4
    • AES-192: 3
    • AES-256: 4
    • DSA [186: 1
    • DSA8: 2
    • HMAC [198: 1
    • HMAC-SHA-1: 5
    • HMAC-SHA-1 (160: 1
    • HMAC-SHA-224: 4
    • HMAC-SHA-256: 7
    • HMAC-SHA-256 (256: 1
    • HMAC-SHA-384: 4
    • HMAC-SHA-512: 4
    • PKCS 1: 2
    • PKCS1: 2
    • RSA9: 4
    • SHA- 256: 1
    • SHA-1: 10
    • SHA-2: 8
    • SHA-224: 4
    • SHA-256: 9
    • SHA-384: 7
    • SHA-512: 6
    • SHS [180: 1
  • Certlike:
    • AES [197: 1
    • AES- 256: 1
    • AES-128: 4
    • AES-192: 3
    • AES-256: 6
    • DSA [186: 1
    • DSA8: 2
    • HMAC [198: 1
    • HMAC-SHA-1: 3
    • HMAC-SHA-1 (160: 1
    • HMAC-SHA-224: 2
    • HMAC-SHA-256: 5
    • HMAC-SHA-256 (256: 1
    • HMAC-SHA-384: 2
    • HMAC-SHA-512: 2
    • PKCS1: 2
    • RSA9: 4
    • SHA(256 and 384: 1
    • SHA- 256: 1
    • SHA-1: 11
    • SHA-2: 6
    • SHA-224: 5
    • SHA-256: 9
    • SHA-384: 7
    • SHA-512: 6
    • SHA-512 1429: 1
    • SHS [180: 1
pdf_data/keywords/symmetric_crypto
  • AES_competition:
    • AES:
      • AES: 12
      • AES-: 2
      • AES-128: 4
      • AES-192: 3
      • AES-256: 4
    • CAST:
      • CAST: 1
    • RC:
      • RC2: 1
      • RC4: 1
      • RC5: 1
  • DES:
    • 3DES:
      • TDEA: 3
      • Triple-DES: 4
    • DES:
      • DES: 1
  • constructions:
    • MAC:
      • CMAC: 6
      • HMAC: 9
      • HMAC-SHA-224: 2
      • HMAC-SHA-256: 4
      • HMAC-SHA-384: 2
      • HMAC-SHA-512: 2
  • miscellaneous:
    • Camellia:
      • Camellia: 1
  • AES_competition:
    • AES:
      • AES: 10
      • AES-: 1
      • AES-128: 4
      • AES-192: 3
      • AES-256: 6
    • CAST:
      • CAST: 1
    • RC:
      • RC2: 1
      • RC4: 1
      • RC5: 1
  • DES:
    • 3DES:
      • TDEA: 1
      • Triple-DES: 11
    • DES:
      • DES: 1
  • constructions:
    • MAC:
      • CMAC: 6
      • HMAC: 8
      • HMAC-SHA-224: 1
      • HMAC-SHA-256: 3
      • HMAC-SHA-384: 1
      • HMAC-SHA-512: 1
  • miscellaneous:
    • Camellia:
      • Camellia: 1
pdf_data/keywords/asymmetric_crypto
  • ECC:
    • ECC:
      • ECC: 3
    • ECDH:
      • ECDH: 1
    • ECDSA:
      • ECDSA: 14
  • FF:
    • DH:
      • DH: 2
      • Diffie-Hellman: 10
    • DSA:
      • DSA: 10
  • ECC:
    • ECC:
      • ECC: 6
    • ECDH:
      • ECDH: 1
    • ECDSA:
      • ECDSA: 14
  • FF:
    • DH:
      • DH: 2
      • Diffie-Hellman: 12
    • DSA:
      • DSA: 10
pdf_data/keywords/hash_function
  • MD:
    • MD4:
      • MD4: 1
    • MD5:
      • MD5: 4
  • RIPEMD:
    • RIPEMD: 1
  • SHA:
    • SHA1:
      • SHA-1: 10
    • SHA2:
      • SHA-2: 8
      • SHA-224: 4
      • SHA-256: 9
      • SHA-384: 7
      • SHA-512: 6
  • MD:
    • MD4:
      • MD4: 1
    • MD5:
      • MD5: 4
  • RIPEMD:
    • RIPEMD: 1
  • SHA:
    • SHA1:
      • SHA-1: 11
    • SHA2:
      • SHA-2: 6
      • SHA-224: 5
      • SHA-256: 9
      • SHA-384: 7
      • SHA-512: 7
pdf_data/keywords/crypto_scheme
  • KA:
    • Key Agreement: 3
    • Key agreement: 3
  • MAC:
    • MAC: 1
  • KA:
    • Key Agreement: 3
    • Key agreement: 2
pdf_data/keywords/crypto_protocol
  • TLS:
    • TLS:
      • TLS: 26
      • TLS 1.0: 3
      • TLS 1.2: 2
      • TLSv1.2: 1
  • TLS:
    • TLS:
      • TLS: 26
      • TLS 1.0: 4
      • TLS 1.1: 1
      • TLS 1.2: 4
pdf_data/keywords/randomness
  • PRNG:
    • DRBG: 21
  • RNG:
    • RNG: 2
  • PRNG:
    • DRBG: 26
  • RNG:
    • RNG: 2
pdf_data/keywords/cipher_mode
  • CBC:
    • CBC: 4
  • CCM:
    • CCM: 5
  • CTR:
    • CTR: 1
  • ECB:
    • ECB: 3
  • GCM:
    • GCM: 8
  • OFB:
    • OFB: 2
  • XTS:
    • XTS: 2
  • CBC:
    • CBC: 2
  • CCM:
    • CCM: 5
  • CTR:
    • CTR: 2
  • ECB:
    • ECB: 2
  • GCM:
    • GCM: 6
  • OFB:
    • OFB: 1
  • XTS:
    • XTS: 2
pdf_data/keywords/ecc_curve
  • NIST:
    • NIST P-256: 1
    • P-256: 11
    • P-384: 8
    • P-521: 6
    • secp256k1: 2
  • NIST:
    • NIST P-256: 1
    • P-256: 15
    • P-384: 12
    • P-521: 10
    • secp256k1: 2
pdf_data/keywords/tls_cipher_suite
  • TLS:
    • TLS_DHE_DSS_WITH_AES_128_CBC_SHA: 1
    • TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: 1
    • TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: 1
    • TLS_DHE_DSS_WITH_AES_256_CBC_SHA: 1
    • TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: 1
    • TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: 1
    • TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 1
    • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: 1
    • TLS_DHE_RSA_WITH_AES_128_CCM: 1
    • TLS_DHE_RSA_WITH_AES_128_CCM_8: 1
    • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: 1
    • TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 1
    • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: 1
    • TLS_DHE_RSA_WITH_AES_256_CCM: 1
    • TLS_DHE_RSA_WITH_AES_256_CCM_8: 1
    • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: 1
    • TLS_DH_DSS_WITH_AES_128_CBC_SHA: 1
    • TLS_DH_DSS_WITH_AES_128_CBC_SHA256: 1
    • TLS_DH_DSS_WITH_AES_128_GCM_SHA256: 1
    • TLS_DH_DSS_WITH_AES_256_CBC_SHA: 1
    • TLS_DH_DSS_WITH_AES_256_CBC_SHA256: 1
    • TLS_DH_DSS_WITH_AES_256_GCM_SHA384: 1
    • TLS_DH_RSA_WITH_AES_128_CBC_SHA: 1
    • TLS_DH_RSA_WITH_AES_128_CBC_SHA256: 1
    • TLS_DH_RSA_WITH_AES_128_GCM_SHA256: 1
    • TLS_DH_RSA_WITH_AES_256_CBC_SHA: 1
    • TLS_DH_RSA_WITH_AES_256_CBC_SHA256: 1
    • TLS_DH_RSA_WITH_AES_256_GCM_SHA384: 1
    • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: 1
    • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: 1
    • TLS_ECDHE_ECDSA_WITH_AES_128_CCM: 1
    • TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: 1
    • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 1
    • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: 1
    • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: 1
    • TLS_ECDHE_ECDSA_WITH_AES_256_CCM: 1
    • TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8: 1
    • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 1
    • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 1
    • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: 1
    • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 1
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 1
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: 1
    • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 1
    • TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: 1
    • TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: 1
    • TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: 1
    • TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: 1
    • TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: 1
    • TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: 1
    • TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: 1
    • TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: 1
    • TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: 1
    • TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: 1
    • TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: 1
    • TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: 1
    • TLS_RSA_WITH_AES_128_CBC_SHA: 1
    • TLS_RSA_WITH_AES_128_GCM_SHA256: 1
    • TLS_RSA_WITH_AES_256_CBC_SHA: 1
    • TLS_RSA_WITH_AES_256_GCM_SHA384: 1
  • TLS:
    • TLS_DHE_DSS_WITH_AES_128_CBC_SHA: 1
    • TLS_DHE_DSS_WITH_AES_128_CBC_SHA256: 1
    • TLS_DHE_DSS_WITH_AES_128_GCM_SHA256: 1
    • TLS_DHE_DSS_WITH_AES_256_CBC_SHA: 1
    • TLS_DHE_DSS_WITH_AES_256_CBC_SHA256: 1
    • TLS_DHE_DSS_WITH_AES_256_GCM_SHA384: 1
    • TLS_DHE_RSA_WITH_AES_128_CBC_SHA: 1
    • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256: 1
    • TLS_DHE_RSA_WITH_AES_128_CCM: 1
    • TLS_DHE_RSA_WITH_AES_128_CCM_8: 1
    • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256: 1
    • TLS_DHE_RSA_WITH_AES_256_CBC_SHA: 1
    • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256: 1
    • TLS_DHE_RSA_WITH_AES_256_CCM: 1
    • TLS_DHE_RSA_WITH_AES_256_CCM_8: 1
    • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384: 1
    • TLS_DH_DSS_WITH_AES_128_CBC_SHA: 1
    • TLS_DH_DSS_WITH_AES_128_CBC_SHA256: 1
    • TLS_DH_DSS_WITH_AES_128_GCM_SHA256: 1
    • TLS_DH_DSS_WITH_AES_256_CBC_SHA: 1
    • TLS_DH_DSS_WITH_AES_256_CBC_SHA256: 1
    • TLS_DH_DSS_WITH_AES_256_GCM_SHA384: 1
    • TLS_DH_RSA_WITH_AES_128_CBC_SHA: 1
    • TLS_DH_RSA_WITH_AES_128_CBC_SHA256: 1
    • TLS_DH_RSA_WITH_AES_128_GCM_SHA256: 1
    • TLS_DH_RSA_WITH_AES_256_CBC_SHA: 1
    • TLS_DH_RSA_WITH_AES_256_CBC_SHA256: 1
    • TLS_DH_RSA_WITH_AES_256_GCM_SHA384: 1
    • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: 1
    • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: 1
    • TLS_ECDHE_ECDSA_WITH_AES_128_CCM: 1
    • TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: 1
    • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: 1
    • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: 1
    • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: 1
    • TLS_ECDHE_ECDSA_WITH_AES_256_CCM: 1
    • TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8: 1
    • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: 1
    • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: 1
    • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: 1
    • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: 1
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: 1
    • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: 1
    • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: 1
    • TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: 1
    • TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: 1
    • TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: 1
    • TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: 1
    • TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: 1
    • TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: 1
    • TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: 1
    • TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: 1
    • TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: 1
    • TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: 1
    • TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: 1
    • TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: 1
pdf_data/keywords/crypto_library
  • OpenSSL:
    • OpenSSL: 22
  • OpenSSL:
    • OpenSSL: 21
pdf_data/keywords/tee_name
  • AMD:
    • PSP: 1
  • IBM:
    • SSC: 2
  • AMD:
    • PSP: 1
pdf_data/keywords/standard_id
  • FIPS:
    • FIPS 140-2: 24
    • FIPS 180-4: 1
    • FIPS 186-4: 1
    • FIPS 197: 1
    • FIPS 198-1: 1
  • NIST:
    • NIST SP 800-131A: 1
    • NIST SP 800-133: 1
    • NIST SP 800-135: 1
    • NIST SP 800-38A: 1
    • NIST SP 800-38B: 1
    • NIST SP 800-38C: 1
    • NIST SP 800-38D: 1
    • NIST SP 800-38E: 1
    • NIST SP 800-38F: 1
    • NIST SP 800-52: 1
    • NIST SP 800-56A: 1
    • NIST SP 800-57: 1
    • NIST SP 800-67: 1
    • NIST SP 800-90A: 1
  • PKCS:
    • PKCS 1: 1
    • PKCS1: 1
  • FIPS:
    • FIPS 140-2: 24
    • FIPS 180-4: 1
    • FIPS 186-2: 1
    • FIPS 186-4: 1
    • FIPS 197: 1
    • FIPS 198-1: 1
  • NIST:
    • NIST SP 800-133: 1
    • NIST SP 800-135: 1
    • NIST SP 800-38A: 1
    • NIST SP 800-38B: 1
    • NIST SP 800-38C: 1
    • NIST SP 800-38D: 1
    • NIST SP 800-38E: 1
    • NIST SP 800-38F: 1
    • NIST SP 800-56A: 1
    • NIST SP 800-56B: 1
    • NIST SP 800-57: 1
    • NIST SP 800-67: 1
    • NIST SP 800-90A: 1
    • SP 800-131A: 1
    • SP 800-38D: 1
    • SP 800-52: 1
  • PKCS:
    • PKCS1: 1
  • RFC:
    • RFC 2246: 1
    • RFC 4346: 1
    • RFC 5246: 2
    • RFC 5288: 1
pdf_data/policy_metadata
state/policy_pdf_hash Different Different
state/policy_txt_hash Different Different
web_data/caveat When operated in FIPS mode. No assurance of the minimum strength of generated keys When installed, initialized and configured as specified in Section 3 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
web_data/certificate_pdf_url https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/June 2022_010722_0704_signed.pdf https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/MayConsolidatedCert.pdf
web_data/date_sunset 21.09.2026
web_data/description The Nutanix Cryptographic Module for OpenSSL is a cryptographic software library, designated as a multi-chip standalone embodiment, and used in Nutanix, Inc. solutions to provide FIPS 140-2 Approved cryptographic algorithms and TLS secure communication. The Nutanix Cryptographic Library for OpenSSL is a comprehensive suite of FIPS Approved algorithms used for TLS, SSH, and other cryptographic functions.
web_data/historical_reason SP 800-56Arev3 transition
web_data/status active historical
web_data/sw_versions 6.0 5.0
web_data/tested_conf CentOS 7.9 on Nutanix Acropolis Hypervisor (AHV) 7.1.1 running on a Nutanix NX-3360-G7 (CVM) with an Intel® Xeon® Gold 6234 with PAA, CentOS 7.9 on Nutanix Acropolis Hypervisor (AHV) 7.1.1 running on a Nutanix NX-3360-G7 (CVM) with an Intel® Xeon® Gold 6234 without PAA (single-user mode), CentOS 7.9 running on a Nutanix NX-3360-G7 (CVM) with an Intel® Xeon® Gold 6234 with PAA, CentOS 7.9 running on a Nutanix NX-3360-G7 (CVM) with an Intel® Xeon® Gold 6234 without PAA CentOS 7.5 running on Nutanix NX-3360-G6 with Intel Xeon Silver-4116 with PAA, CentOS 7.5 running on Nutanix NX-3360-G6 with Intel Xeon Silver-4116 without PAA (single-user mode), ,
web_data/validation_history
  • date: 13.06.2022
  • lab: Lightship Security, Inc.
  • validation_type: Initial

  • date: 11.05.2023
  • lab: Lightship Security, Inc.
  • validation_type: Update

  • date: 27.06.2023
  • lab: Lightship Security, Inc.
  • validation_type: Update
  • date: 21.05.2019
  • lab: UL VERIFICATION SERVICES INC
  • validation_type: Initial

  • date: 10.07.2020
  • lab: UL VERIFICATION SERVICES INC
  • validation_type: Update

  • date: 11.08.2020
  • lab: UL VERIFICATION SERVICES INC
  • validation_type: Update