diff --git a/java-1.8.0-openjdk.spec b/java-1.8.0-openjdk.spec index b2dae99..a6f4e44 100644 --- a/java-1.8.0-openjdk.spec +++ b/java-1.8.0-openjdk.spec @@ -324,7 +324,7 @@ %global updatever %(VERSION=%{whole_update}; echo ${VERSION##*u}) # eg jdk8u60-b27 -> b27 %global buildver %(VERSION=%{version_tag}; echo ${VERSION##*-}) -%global rpmrelease 3 +%global rpmrelease 4 # Define milestone (EA for pre-releases, GA ("fcs") for releases) # Release will be (where N is usually a number starting at 1): # - 0.N%%{?extraver}%%{?dist} for EA releases, @@ -1337,6 +1337,7 @@ Patch1011: rh1991003-enable_fips_keys_import.patch # RH2021263: Resolve outstanding FIPS issues Patch1014: rh2021263-fips_ensure_security_initialised.patch Patch1015: rh2021263-fips_missing_native_returns.patch +Patch1016: rh2021263-fips_separate_policy_and_fips_init.patch ############################################# # @@ -1811,6 +1812,7 @@ sh %{SOURCE12} %patch1011 %patch1014 %patch1015 +%patch1016 # RHEL-only patches %if ! 0%{?fedora} && 0%{?rhel} <= 7 @@ -2560,6 +2562,10 @@ cjc.mainProgram(args) %endif %changelog +* Wed Feb 23 2022 Andrew Hughes - 1:1.8.0.322.b06-4 +- Separate crypto policy initialisation from FIPS initialisation, now they are no longer interdependent +- Resolves: rhbz#2052821 + * Tue Feb 22 2022 Andrew Hughes - 1:1.8.0.322.b06-3 - Fix FIPS issues in native code and with initialisation of java.security.Security - Resolves: rhbz#2023387 diff --git a/rh2021263-fips_separate_policy_and_fips_init.patch b/rh2021263-fips_separate_policy_and_fips_init.patch new file mode 100644 index 0000000..e237841 --- /dev/null +++ b/rh2021263-fips_separate_policy_and_fips_init.patch 
@@ -0,0 +1,98 @@
+commit aaf92165ad1cbb1c9818eb60178c91293e13b053
+Author: Andrew John Hughes
+Date: Mon Jan 24 15:13:14 2022 +0000
+
+ RH2021263: Improve Security initialisation, now FIPS support no longer relies on crypto policy support
+
+diff --git openjdk.orig/jdk/src/share/classes/java/security/Security.java openjdk/jdk/src/share/classes/java/security/Security.java
+index fa494b680f..b5aa5c749d 100644
+--- openjdk.orig/jdk/src/share/classes/java/security/Security.java
++++ openjdk/jdk/src/share/classes/java/security/Security.java
+@@ -57,10 +57,6 @@ public final class Security {
+ private static final Debug sdebug =
+ Debug.getInstance("properties");
+
+- /* System property file*/
+- private static final String SYSTEM_PROPERTIES =
+- "/etc/crypto-policies/back-ends/java.config";
+-
+ /* The java.security properties */
+ private static Properties props;
+
+@@ -202,13 +198,6 @@ public final class Security {
+ }
+ }
+
+- String disableSystemProps = System.getProperty("java.security.disableSystemPropertiesFile");
+- if (disableSystemProps == null &&
+- "true".equalsIgnoreCase(props.getProperty
+- ("security.useSystemPropertiesFile"))) {
+- loadedProps = loadedProps && SystemConfigurator.configure(props);
+- }
+-
+ if (!loadedProps) {
+ initializeStatic();
+ if (sdebug != null) {
+@@ -217,6 +206,28 @@ public final class Security {
+ }
+ }
+
++ String disableSystemProps = System.getProperty("java.security.disableSystemPropertiesFile");
++ if ((disableSystemProps == null || "false".equalsIgnoreCase(disableSystemProps)) &&
++ "true".equalsIgnoreCase(props.getProperty("security.useSystemPropertiesFile"))) {
++ if (!SystemConfigurator.configureSysProps(props)) {
++ if (sdebug != null) {
++ sdebug.println("WARNING: System properties could not be loaded.");
++ }
++ }
++ }
++
++ // FIPS support depends on the contents of java.security so
++ // ensure it has loaded first
++ if (loadedProps) {
++ boolean fipsEnabled = SystemConfigurator.configureFIPS(props);
++ if (sdebug != null) {
++ if (fipsEnabled) {
++ sdebug.println("FIPS support enabled.");
++ } else {
++ sdebug.println("FIPS support disabled.");
++ }
++ }
++ }
+ }
+
+ /*
+diff --git openjdk.orig/jdk/src/share/classes/java/security/SystemConfigurator.java openjdk/jdk/src/share/classes/java/security/SystemConfigurator.java
+index d1f677597d..7da65b1d2c 100644
+--- openjdk.orig/jdk/src/share/classes/java/security/SystemConfigurator.java
++++ openjdk/jdk/src/share/classes/java/security/SystemConfigurator.java
+@@ -76,7 +76,7 @@ final class SystemConfigurator {
+ * java.security.disableSystemPropertiesFile property is not set and
+ * security.useSystemPropertiesFile is true.
+ */
+- static boolean configure(Properties props) {
++ static boolean configureSysProps(Properties props) {
+ boolean loadedProps = false;
+
+ try (BufferedInputStream bis =
+@@ -96,11 +96,19 @@ final class SystemConfigurator {
+ e.printStackTrace();
+ }
+ }
++ return loadedProps;
++ }
++
++ /*
++ * Invoked at the end of java.security.Security initialisation
++ * if java.security properties have been loaded
++ */
++ static boolean configureFIPS(Properties props) {
++ boolean loadedProps = false;
+
+ try {
+ if (enableFips()) {
+ if (sdebug != null) { sdebug.println("FIPS mode detected"); }
+- loadedProps = false;
+ // Remove all security providers
+ Iterator> i = props.entrySet().iterator();
+ while (i.hasNext()) {
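Review bot: In the `@@ -217,6 +206,28 @@` hunk of Security.java both failure paths are reported only through `sdebug`: when `configureSysProps(props)` returns false the JVM carries on with the java.security settings alone, and when `loadedProps` is false `configureFIPS` is never called and nothing is printed at all. On a host that expects the system crypto policy or FIPS mode, that is a silent fall-back to possibly less restrictive settings unless the `properties` debug option is on. At minimum the skipped-FIPS case should be reported, for example by closing the block with `} else if (sdebug != null) {` / `sdebug.println("FIPS support not configured: java.security properties were not loaded.");` / `}`, and a comment above the warning should state that a failed policy load is deliberately non-fatal. Whether `enableFips()` still honours `java.security.disableSystemPropertiesFile` cannot be seen here, because the body of `configureFIPS` continues outside the hunk; it is worth confirming, since the FIPS call is no longer behind that check.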