We’re looking at bringing FIPS 140-3 validated cryptography to Proxmox VE. Before we commit, we want to know if the market actually wants it.
Here’s the situation. Broadcom’s VMware licensing changes are pushing a lot of enterprise customers toward Proxmox. Proxmox is solid (Debian-based, KVM, mature, production-proven) and the migration makes technical sense. But organizations in regulated industries need FIPS 140-3 validated cryptography as a procurement requirement. Government, defense, healthcare, finance. No FIPS, no purchase order. And right now nobody offers FIPS-validated Proxmox. Those customers are stuck.
We think we can fix that. wolfSSL has already completed a full conversion of Debian Bookworm (the OS Proxmox is built on) to route all system cryptography through wolfCrypt, our FIPS 140-3 validated module (Certificate #4718). That means OpenSSL, GnuTLS, libgcrypt, NSS, and the Linux kernel crypto API all running on validated crypto. Our wolfProvider plugs into OpenSSL 3.x as a provider, so applications that link against OpenSSL pick up wolfCrypt automatically without code
changes.
Proxmox delegates nearly all of its cryptography to these system libraries. The web UI, REST API, cluster communication, SPICE console, live migration, Proxmox Backup Server encryption: it all goes through OpenSSL or GnuTLS or kernel crypto at the bottom. Our Debian conversion already covers those layers. The remaining Proxmox-specific integration work is smaller than you’d expect (mostly configuration and validation testing, not new engineering).
We’re also working on wolfCrypt-backed OpenZFS encryption separately. Combined, that would give Proxmox FIPS 140-3 coverage from the hypervisor management layer all the way down to storage encryption. Complete stack, single FIPS module, single vendor.
But we’d like to better understand real-world requirements before moving forward. If your organization is unable to deploy Proxmox due to FIPS requirements, or if you’re transitioning away from VMware and need FIPS support in your target platform, we’d love to hear about your environment and the compliance challenges you’re working through. Contact us!
If you have questions about any of the above, please contact us at facts@wolfssl.com or call us at +1 425 245 8247.
Download wolfSSL Now