diff --git a/java-11-openjdk.spec b/java-11-openjdk.spec
index 274032d..cc1a530 100644
--- a/java-11-openjdk.spec
+++ b/java-11-openjdk.spec
@@ -363,7 +363,7 @@
 %global top_level_dir_name   %{origin}
 %global top_level_dir_name_backup %{top_level_dir_name}-backup
 %global buildver        9
-%global rpmrelease      1
+%global rpmrelease      2
 #%%global tagsuffix     %%{nil}
 # Priority must be 8 digits in total; up to openjdk 1.8, we were using 18..... so when we moved to 11, we had to add another digit
 %if %is_system_jdk
@@ -1266,6 +1266,7 @@ Patch1011: rh1991003-enable_fips_keys_import.patch
 # RH2021263: Resolve outstanding FIPS issues
 Patch1014: rh2021263-fips_ensure_security_initialised.patch
 Patch1015: rh2021263-fips_missing_native_returns.patch
+Patch1016: rh2021263-fips_separate_policy_and_fips_init.patch
 
 #############################################
 #
@@ -1718,6 +1719,7 @@ popd # openjdk
 %patch1011
 %patch1014
 %patch1015
+%patch1016
 
 # Extract systemtap tapsets
 %if %{with_systemtap}
@@ -2490,6 +2492,10 @@ require "copy_jdk_configs.lua"
 %endif
 
 %changelog
+* Thu Feb 17 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.14.0.9-2
+- Separate crypto policy initialisation from FIPS initialisation, now they are no longer interdependent
+- Resolves: rhbz#2052820
+
 * Wed Feb 16 2022 Andrew Hughes <gnu.andrew@redhat.com> - 1:11.0.14.0.9-1
 - Update to jdk-11.0.14.0+9
 - Update release notes to 11.0.14.0+9
diff --git a/rh2021263-fips_separate_policy_and_fips_init.patch b/rh2021263-fips_separate_policy_and_fips_init.patch
new file mode 100644
index 0000000..b5351a8
--- /dev/null
+++ b/rh2021263-fips_separate_policy_and_fips_init.patch
@@ -0,0 +1,99 @@
+commit 0cd8cee94fe0f867b0b39890e00be620af1d9b07
+Author: Andrew Hughes <gnu.andrew@redhat.com>
+Date:   Tue Jan 18 02:09:27 2022 +0000
+
+    RH2021263: Improve Security initialisation, now FIPS support no longer relies on crypto policy support
+
+diff --git openjdk.orig/src/java.base/share/classes/java/security/Security.java openjdk/src/java.base/share/classes/java/security/Security.java
+index 28ab1846173..f9726741afd 100644
+--- openjdk.orig/src/java.base/share/classes/java/security/Security.java
++++ openjdk/src/java.base/share/classes/java/security/Security.java
+@@ -61,10 +61,6 @@ public final class Security {
+     private static final Debug sdebug =
+                         Debug.getInstance("properties");
+ 
+-    /* System property file*/
+-    private static final String SYSTEM_PROPERTIES =
+-        "/etc/crypto-policies/back-ends/java.config";
+-
+     /* The java.security properties */
+     private static Properties props;
+ 
+@@ -206,22 +202,36 @@ public final class Security {
+             }
+         }
+ 
++        if (!loadedProps) {
++            initializeStatic();
++            if (sdebug != null) {
++                sdebug.println("unable to load security properties " +
++                        "-- using defaults");
++            }
++        }
++
+         String disableSystemProps = System.getProperty("java.security.disableSystemPropertiesFile");
+         if ((disableSystemProps == null || "false".equalsIgnoreCase(disableSystemProps)) &&
+             "true".equalsIgnoreCase(props.getProperty("security.useSystemPropertiesFile"))) {
+-            if (SystemConfigurator.configure(props)) {
+-                loadedProps = true;
++            if (!SystemConfigurator.configureSysProps(props)) {
++                if (sdebug != null) {
++                    sdebug.println("WARNING: System properties could not be loaded.");
++                }
+             }
+         }
+ 
+-        if (!loadedProps) {
+-            initializeStatic();
++        // FIPS support depends on the contents of java.security so
++        // ensure it has loaded first
++        if (loadedProps) {
++            boolean fipsEnabled = SystemConfigurator.configureFIPS(props);
+             if (sdebug != null) {
+-                sdebug.println("unable to load security properties " +
+-                        "-- using defaults");
++                if (fipsEnabled) {
++                    sdebug.println("FIPS support enabled.");
++                } else {
++                    sdebug.println("FIPS support disabled.");
++                }
+             }
+         }
+-
+     }
+ 
+     /*
+diff --git openjdk.orig/src/java.base/share/classes/java/security/SystemConfigurator.java openjdk/src/java.base/share/classes/java/security/SystemConfigurator.java
+index 874c6221ebe..b7ed41acf0f 100644
+--- openjdk.orig/src/java.base/share/classes/java/security/SystemConfigurator.java
++++ openjdk/src/java.base/share/classes/java/security/SystemConfigurator.java
+@@ -76,7 +76,7 @@ final class SystemConfigurator {
+      * java.security.disableSystemPropertiesFile property is not set and
+      * security.useSystemPropertiesFile is true.
+      */
+-    static boolean configure(Properties props) {
++    static boolean configureSysProps(Properties props) {
+         boolean loadedProps = false;
+ 
+         try (BufferedInputStream bis =
+@@ -96,11 +96,19 @@ final class SystemConfigurator {
+                 e.printStackTrace();
+             }
+         }
++        return loadedProps;
++    }
++
++    /*
++     * Invoked at the end of java.security.Security initialisation
++     * if java.security properties have been loaded
++     */
++    static boolean configureFIPS(Properties props) {
++        boolean loadedProps = false;
+ 
+         try {
+             if (enableFips()) {
+                 if (sdebug != null) { sdebug.println("FIPS mode detected"); }
+-                loadedProps = false;
+                 // Remove all security providers
+                 Iterator<Entry<Object, Object>> i = props.entrySet().iterator();
+                 while (i.hasNext()) {