back to all blogsSee all blog posts

Support for FIPS 140-3 with Java 8 in 25.0.0.3-beta

image of author
David Mueller on Mar 11, 2025
announcements , release , beta , security ,
Post available in languages:

Federal Information Processing Standards (FIPS) are standards and guidelines that are issued by the National Institute of Standards and Technology (NIST) for federal government computer systems. In this release, you can set up Liberty to comply with the FIPS 140-3 standard when you use the IBM SDK, Java Technology Edition 8.

Run FIPS-compliant applications with Liberty FIPS 140-3 support

See also previous Open Liberty beta blog posts.

Try it now

To try out this feature, update your build tools to pull the Open Liberty All Beta Features package instead of the main release. The beta works with Java SE 23, 21, 17, 11, and 8. However, FIPS 140-3 support is available only with Java 8 and the IBM SDK.

If you’re using Maven, you can install the All Beta Features package using:

Copied to clipboard
<plugin>
    <groupId>io.openliberty.tools</groupId>
    <artifactId>liberty-maven-plugin</artifactId>
    <version>3.11.2</version>
    <configuration>
        <runtimeArtifact>
          <groupId>io.openliberty.beta</groupId>
          <artifactId>openliberty-runtime</artifactId>
          <version>25.0.0.3-beta</version>
          <type>zip</type>
        </runtimeArtifact>
    </configuration>
</plugin>

Or for Gradle:

Copied to clipboard
buildscript {
    repositories {
        mavenCentral()
    }
    dependencies {
        classpath 'io.openliberty.tools:liberty-gradle-plugin:3.9.2'
    }
}
apply plugin: 'liberty'
dependencies {
    libertyRuntime group: 'io.openliberty.beta', name: 'openliberty-runtime', version: '[25.0.0.3-beta,)'
}

Or if you’re using container images:

Copied to clipboard
FROM icr.io/appcafe/open-liberty:beta

Or take a look at our Downloads page.

If you’re using IntelliJ IDEA, Visual Studio Code or Eclipse IDE, you can also take advantage of our open source Liberty developer tools to enable effective development, testing, debugging and application management all from within your IDE.

For more information on using a beta release, refer to the Installing Open Liberty beta releases documentation.

Run FIPS-compliant applications with Liberty FIPS 140-3 support

In 25.0.0.3-beta, Open Liberty supports the FIPS 140-3 standard when you use the IBM SDK, Java Technology Edition 8.

If you installed the IBM SDK 8, you can enable FIPS 140-3 by setting the following system properties, for example in your jvm.options file:

Copied to clipboard
-Dcom.ibm.ws.beta.edition=true
-Xenablefips140-3
-Dcom.ibm.jsse2.usefipsprovider=true
-Dcom.ibm.jsse2.usefipsProviderName=IBMJCEPlusFIPS

For more information, see FIPS 140-3 in the IBM SDK documentation.

For Java SE 11 and later SDKs, you can configure FIPS 140-2 support, as described in Run FIPS-compliant applications on Open Liberty.

We welcome your feedback

Let us know what you think on our mailing list. If you hit a problem, post a question on StackOverflow. If you hit a bug, please raise an issue.