Starting in Go 1.25, the Microsoft build of Go will default to using system-provided cryptography: OpenSSL on Linux and CNG on Windows.

The systemcrypto GOEXPERIMENT will be enabled by default and picks the supported backend for the target platform.

This change aligns the Microsoft build of Go with Microsoft's internal security and compliance policies, while keeping opt-out paths available for use cases that require it.

What's changing?

Prior to Go 1.25, developers can opt into using system-provided cryptography by setting the GOEXPERIMENT environment variable to systemcrypto before building their program.

Starting with Go 1.25, the Microsoft toolchain enables systemcrypto by default. Developers can opt out by setting the GOEXPERIMENT environment variable to nosystemcrypto.

For more details on FIPS-140 compliance and how systemcrypto interacts with FIPS mode, see the Microsoft build of Go FIPS Documentation.

Why this change?

Microsoft's internal security and compliance policies require the use of system-provided cryptography libraries. By enabling systemcrypto by default, the Microsoft build of Go now builds programs that meet this requirement automatically, without additional configuration by developers.

While systemcrypto can help enable FIPS-140 compliance in some environments, FIPS-140 is not the primary motivator of this change. Using a system-provided cryptographic library is part of a broader Microsoft internal cryptography policy, and most Go programs at Microsoft do not require FIPS mode. However, we expect that some developers who do need FIPS-140 compliance will find it easier after this change.

Will this break my builds?

There are a few scenarios where you may need to take action:

Linux without cgo. systemcrypto requires cgo on Linux. Cgo must be enabled and a C compiler must be available on the build system. Cgo can be manually enabled or disabled by the CGO_ENABLED setting if necessary. If your builds disable cgo or do not provide a working C compiler, you need to adjust your configuration or opt out of systemcrypto. On Windows, systemcrypto does not require cgo. The preview macOS crypto backend requires cgo.

Distroless or minimal images: If you're using Linux container images without glibc or OpenSSL, you'll need to opt out of systemcrypto or use a base image that includes the required libraries.

Deployment of a Linux program built on one OS (or OS version) to a different OS (or version). Cgo introduces a dependency on the build system's version of glibc. This may make the program incompatible with a different Linux distribution if it has a lower version of glibc. It's recommended to build and deploy using the same OS, but if deployment compatibility is a requirement, a common solution is to build on the oldest possible OS, or manually target an old version of glibc. If glibc (or a compatible equivalent) is not available, systemcrypto can't be used, and you'll need to opt out of systemcrypto.

More Information

This change was developed in consultation with engineering teams across Microsoft. It prioritizes security and compliance, while still providing opt-out options for scenarios with special requirements.

We welcome your feedback—please don't hesitate to reach out by filing an issue!
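The build-time conditions listed under "Will this break my builds?" can be checked before a CI job runs `go build`. The script below is an added example, not code from the Microsoft build of Go: the function names are hypothetical helpers, and it covers only the cgo, C compiler and opt-out conditions, not whether glibc or OpenSSL is present in the deployment image.

```shell
#!/bin/sh
# Added example: build-time preflight for the systemcrypto default.
# Function names are hypothetical helpers, not part of the Go toolchain.

# has_experiment LIST NAME: succeed if NAME is one comma-separated entry of
# LIST. Delimiting with commas keeps "nosystemcrypto" and "systemcrypto"
# from matching each other as substrings.
has_experiment() {
    case ",$1," in
        *",$2,"*) return 0 ;;
        *) return 1 ;;
    esac
}

# systemcrypto_verdict GOOS CGO_ENABLED HAVE_CC GOEXPERIMENT
# Prints opted-out, ok, needs-cgo or needs-cc; returns non-zero when the
# build needs a configuration change or an explicit opt-out.
systemcrypto_verdict() {
    goos=$1; cgo=$2; have_cc=$3; experiments=$4
    if has_experiment "$experiments" nosystemcrypto; then
        echo opted-out; return 0
    fi
    if [ "$goos" = windows ]; then
        echo ok; return 0            # CNG backend does not require cgo
    fi
    # Linux (OpenSSL) and the preview macOS backend both require cgo.
    if [ "$cgo" != 1 ]; then echo needs-cgo; return 1; fi
    if [ "$have_cc" != 1 ]; then echo needs-cc; return 1; fi
    echo ok
}

# preflight: collect the real values from the local toolchain.
preflight() {
    cc=$(go env CC)
    have_cc=0
    # CC may carry flags ("gcc -m64"); test only the command word.
    if command -v "${cc%% *}" >/dev/null 2>&1; then have_cc=1; fi
    systemcrypto_verdict "$(go env GOOS)" "$(go env CGO_ENABLED)" \
        "$have_cc" "${GOEXPERIMENT:-}"
}

# Run against the local toolchain only when asked: sh preflight.sh --run
if [ "${1:-}" = "--run" ]; then preflight; fi
```

A `needs-cgo` or `needs-cc` verdict means the job should either fix the build environment or set GOEXPERIMENT to nosystemcrypto deliberately, so the opt-out is a recorded decision and not a side effect of a failed build.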