  1. OpenShift Container Platform (OCP) Strategy
  2. OCPSTRAT-167

FIPS compliance: When OCP adopts RHEL 9, test/verify FIPS 140-3 compliance with OpenSSL 3.0


    • Feature
    • Resolution: Unresolved
    • Security & Compliance
    • OCPSTRAT-28 Secure the Platform
    • 0% To Do, 100% In Progress, 0% Done

      Starting with RHEL 9.0, FIPS Validation will move from the FIPS 140-2 standard to the FIPS 140-3 standard. RHEL 9.0 and beyond will update from OpenSSL 2.x to OpenSSL 3.0.

      This work will affect all OCP core and optional components built with RHEL 9 UBI and all components that directly include RHEL 9 OpenSSL, such as HAProxy and Service Mesh. This will also impact Platform Plus components: ACM, ACS and Quay. 

      Red Hat will submit OpenSSL 3.0 as part of our FIPS 140-3 validations starting no later than RHEL 9.1. The RHEL team is strongly considering starting the validation process with 9.0 GA. OpenSSL 3.0 will not be brought back to RHEL 8 due to the number of changes in OpenSSL 3. 

      For more information about OpenSSL 3.0 and FIPS see:  https://www.openssl.org/docs/man3.0/man7/fips_module.html 

            knewcome@redhat.com Kirsten Newcomer