git.stella-ops.org/etc/rootpack/us-fips/crypto.profile.yaml

StellaOps:
  Crypto:
    Registry:
      ActiveProfile: us-fips-soft
      PreferredProviders:
        - fips.ecdsa.soft
        - pq.soft
        - default
      Profiles:
        us-fips-soft:
          PreferredProviders:
            - fips.ecdsa.soft
            - pq.soft
            - default
    Diagnostics:
      Providers:
        Enabled: true
        Metrics:
          LogLevel: Information
    Notes:
      Certification: "non-certified software baseline; enable FIPS_SOFT_ALLOWED=1 to activate"