wolfSSL is thrilled to announce that core network infrastructure applications can now achieve FIPS 140-3 compliance through our GnuTLS-wolfSSL integration. This breakthrough comes from our ongoing work integrating wolfSSL’s FIPS 140-3 certified cryptography (wolfCrypt) into GnuTLS, enabling a true drop-in solution for Linux applications.
For developers and system administrators in government, defense, finance, healthcare, and other regulated industries, this eliminates a critical barrier to deploying secure network infrastructure that must meet federal compliance standards.
What We’ve Built
Unlike traditional approaches requiring extensive rewrites, our solution operates entirely behind the scenes. By patching GnuTLS at the library level with wolfCrypt’s certified cryptographic operations, applications can gain FIPS 140-3 compliance without changing a single line of their code. Simply rebuild with our patched GnuTLS library, and your entire networking stack achieves FIPS compliance.
We’re continuously validating this integration through CI/CD testing against 17 applications, testing target versions, latest releases, and master branches to ensure rock-solid compatibility. Our fork is now debianized, making deployment as simple as installing a standard Debian package.
Network Applications Now FIPS-Ready
chrony – The widely-deployed NTP implementation for time synchronization across Linux systems, critical for distributed infrastructure and audit logging.
NetworkManager – The standard Linux network connection manager that handles everything from WiFi to VPN connections in modern distributions.
libnice – Implements ICE protocol for NAT traversal, essential for WebRTC and real-time communication applications.
curl & wget – The ubiquitous data transfer utilities now gain a clear path to FIPS compliance for secure communications.
How We Enable FIPS Compliance
These applications rely on GnuTLS for TLS connections, certificate handling, and cryptographic operations. By integrating wolfSSL’s FIPS 140-3 certified wolfCrypt module into GnuTLS, we deliver a true drop-in solution. Depending on the algorithms your application uses, you may need no code changes at all, just rebuild with our patched library and achieve FIPS compliance across your network infrastructure.
The debianized package makes deployment straightforward: install our GnuTLS-wolfSSL package on your Debian-based system, and your network applications automatically benefit from FIPS-certified cryptography.
Questions?
Take a more in-depth look at our integration on the wolfSSL GitHub, if you need support we are more than happy to help you out, you can email us at support@wolfssl.com.
If you have questions about any of the above, please contact us at facts@wolfssl.com or call +1 425 245 8247.
Download wolfSSL Now