The Credentials plugin uses a hard coded PKCS#12 store for CertificateCredentialsImpl (KeyStoreSource)

PKCS#12 is not FIPS compliant due to the use of the outer integrity check.

As such this functionality should not be usable when in FIPS mode.