On September 4, 2020, all of the OpenSSL FIPS Object Modules (FIPS 140-2 Certs. 1747, 2398, 2473) were moved to the CMVP Historical list due to the Implementation Guidance G.18 (FIPS 186-2) transition.
Here is the text from the CMVP about FIPS modules on the Historical list:
The referenced cryptographic module should not be included by Federal Agencies in new procurements. Agencies may make a risk determination on whether to continue using this module based on their own assessment of where and how it is used.
There is no longer a requirement (from a FIPS 140-2 perspective) to have possession of the physical OpenSSL distribution CD.
If you have any questions or you are looking for ways to bridge the gap to the new FIPS module for OpenSSL 3.0, then please contact info@KeyPair.us
KeyPair Consulting gets your supported operating systems tested and listed on a FIPS 140-2 certificate (based on the OpenSSL FOM) in your company’s name. See our Private Label service for more information.