Red Hat Enterprise Linux 8.x comes with system-wide crypto policies to simplify management of crypto across different supported applications, such as OpenSSL, GnuTLS, Kerberos 5, Bind, NSS, Java, OpenSSH client, OpenSSH server, libssh, libreswan. This supported application list can grow with new RHEL updates.

Software-only System Manager needs system-wide crypto policy to LEGACY to support backward compatibility with older systems. Although, System Manager applications such as Wildfly Application Server, SPIRIT, SystemMonitor, CND, Postgress, OpenSSH client, OpenSSH server, Csync2, rsyslog client override system-wide crypto settings at an application level and ensure a stronger level of cryptographic strength as compared to RHEL provided LEGACY crypto policy. These applications level overrides are controlled through System Manager commands, and UI options.