diff --git a/crypto/fips1402/src/main/java/org/keycloak/crypto/fips/KeycloakFipsSecurityProvider.java b/crypto/fips1402/src/main/java/org/keycloak/crypto/fips/KeycloakFipsSecurityProvider.java
index a1cc5f952de..f32b48a2ebb 100644
--- a/crypto/fips1402/src/main/java/org/keycloak/crypto/fips/KeycloakFipsSecurityProvider.java
+++ b/crypto/fips1402/src/main/java/org/keycloak/crypto/fips/KeycloakFipsSecurityProvider.java
@@ -26,6 +26,7 @@ public class KeycloakFipsSecurityProvider extends Provider {
 ", FIPS-JVM: " + isSystemFipsEnabled() + ")", 1, "Keycloak pseudo provider");
 this.bcFipsProvider = bcFipsProvider;
+ logger.infof("KeycloakFipsSecurityProvider created: %s", this.toString());
 }
 @Override
diff --git a/docs/guides/server/fips.adoc b/docs/guides/server/fips.adoc
index 3534495f7d5..b0b9cd77a5f 100644
--- a/docs/guides/server/fips.adoc
+++ b/docs/guides/server/fips.adoc
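Review bot: The new `logger.infof` line in the constructor is now load-bearing: FipsDistTest asserts the exact prefix `KeycloakFipsSecurityProvider created: ` and the KcAdmExec/KcRegExec helpers in this same commit appear to assume this output occupies the first two stderr lines of the CLI, so a later rewording or log-level change would break those tests without any hint at this site. A comment would make the coupling explicit, e.g. `// Asserted verbatim by FipsDistTest and stripped from CLI stderr by KcAdmExec/KcRegExec; keep the format stable.` Minor style point: `%s` formats the object itself, so `this.toString()` can simply be `this`. The constructor's opening line and the `logger` field are outside the hunk.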
@@ -118,18 +118,11 @@ Using that option results in stricter security requirements on cryptography and
 NOTE: In strict mode, the default keystore type (as well as default truststore type) is BCFKS. If you want to use a different keystore type it is required to use the option `--https-key-store-type` with appropriate type. A similar command might be needed for the truststore as well if you want to use it.
-When starting the server, you can include TRACE level in the startup command. For example:
-
-[source,bash,subs=+attributes]
-----
---log-level=INFO,org.keycloak.common.crypto.CryptoIntegration:TRACE
-----
-
-By using TRACE level, you can check that the startup log contains `KC` provider with the note about `Approved Mode` such as the following:
+When starting the server, you can check that the startup log contains `KC` provider with the note about `Approved Mode` such as the following:
 [source]
 ----
-KC(BCFIPS version 2.0102 Approved Mode, FIPS-JVM: enabled) version 1.0 - class org.keycloak.crypto.fips.KeycloakFipsSecurityProvider,
+KeycloakFipsSecurityProvider created: KC(BCFIPS version 2.0102 Approved Mode, FIPS-JVM: enabled) version 1.0
 ----
 === Cryptography restrictions in strict mode
diff --git a/quarkus/tests/integration/src/test/java/org/keycloak/it/cli/dist/FipsDistTest.java b/quarkus/tests/integration/src/test/java/org/keycloak/it/cli/dist/FipsDistTest.java
index a6975f0be31..3e441e570ed 100644
--- a/quarkus/tests/integration/src/test/java/org/keycloak/it/cli/dist/FipsDistTest.java
+++ b/quarkus/tests/integration/src/test/java/org/keycloak/it/cli/dist/FipsDistTest.java
@@ -30,7 +30,7 @@ import org.keycloak.it.utils.RawKeycloakDistribution;
 import io.quarkus.test.junit.main.Launch;
-@DistributionTest(keepAlive = true, defaultOptions = { "--db=dev-file", "--features=fips", "--http-enabled=true", "--hostname-strict=false", "--log-level=org.keycloak.common.crypto.CryptoIntegration:trace" })
+@DistributionTest(keepAlive = true, defaultOptions = { "--db=dev-file", "--features=fips", "--http-enabled=true", "--hostname-strict=false" })
 @RawDistOnly(reason = "Containers are immutable")
 @Tag(DistributionTest.SLOW)
 public class FipsDistTest {
@@ -44,8 +44,7 @@ public class FipsDistTest {
 cliResult.assertStarted();
 // Not shown as FIPS is not a preview anymore
 cliResult.assertMessageWasShownExactlyNumberOfTimes("Preview features enabled: fips:v1", 0);
- cliResult.assertMessage("Java security providers: [ \n" + " KC(" + BCFIPS_VERSION + ", FIPS-JVM: " + KeycloakFipsSecurityProvider.isSystemFipsEnabled() + ") version 1.0 - class org.keycloak.crypto.fips.KeycloakFipsSecurityProvider");
+ cliResult.assertMessage("KeycloakFipsSecurityProvider created: KC(" + BCFIPS_VERSION + ", FIPS-JVM: " + KeycloakFipsSecurityProvider.isSystemFipsEnabled() + ") version 1.0");
 });
 }
@@ -57,8 +56,7 @@ public class FipsDistTest {
 CLIResult cliResult = dist.run("start", "--fips-mode=strict");
 cliResult.assertMessage("password must be at least 112 bits");
- cliResult.assertMessage("Java security providers: [ \n" + " KC(" + BCFIPS_VERSION + " Approved Mode, FIPS-JVM: " + KeycloakFipsSecurityProvider.isSystemFipsEnabled() + ") version 1.0 - class org.keycloak.crypto.fips.KeycloakFipsSecurityProvider");
+ cliResult.assertMessage("KeycloakFipsSecurityProvider created: KC(" + BCFIPS_VERSION + " Approved Mode, FIPS-JVM: " + KeycloakFipsSecurityProvider.isSystemFipsEnabled() + ") version 1.0");
 dist.setEnvVar("KC_BOOTSTRAP_ADMIN_PASSWORD", "adminadminadmin");
 cliResult = dist.run("start", "--fips-mode=strict");
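Review bot: The replacement assertions in the second and third hunks (`cliResult.assertMessage("KeycloakFipsSecurityProvider created: KC(" + ...)`) match a message logged from the provider's constructor, whereas the removed `Java security providers: [` assertion appears to have matched a dump of the providers actually registered in the JVM. Construction does not prove installation: a provider that is built but never registered, or registered behind another provider, would still satisfy the new assertion, so the test now confirms the FIPS posture less directly than before. If the provider listing is still obtainable at the default log level or via a startup option, keep one assertion on it next to the new line; otherwise a comment above each new assertion stating that it verifies construction and approved mode, not registration order, would help the next reader. The repeated literal prefix could also become a `private static final String` shared by both test methods. Both enclosing test methods start and end outside their hunks.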
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/cli/KcAdmExec.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/cli/KcAdmExec.java
index 3ab6b342b01..636711cbb38 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/cli/KcAdmExec.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/cli/KcAdmExec.java
@@ -1,9 +1,12 @@
 package org.keycloak.testsuite.cli;
+import org.keycloak.common.crypto.FipsMode;
+import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
 import org.keycloak.testsuite.cli.exec.AbstractExec;
 import org.keycloak.testsuite.cli.exec.AbstractExecBuilder;
 import java.io.InputStream;
+import java.util.List;
 /**
 * @author Marko Strukelj
@@ -37,6 +40,15 @@ public class KcAdmExec extends AbstractExec {
 .execute();
 }
+ @Override
+ public List stderrLines() {
+ List lines = super.stderrLines();
+ // remove the two lines with the BC provider info if FIPS
+ return AuthServerTestEnricher.AUTH_SERVER_FIPS_MODE == FipsMode.DISABLED || lines.size() < 2
+ ? lines
+ : lines.subList(2, lines.size());
+ }
+
 public static class Builder extends AbstractExecBuilder {
 @Override
diff --git a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/cli/KcRegExec.java b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/cli/KcRegExec.java
index e90f867af16..b6926ceedde 100644
--- a/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/cli/KcRegExec.java
+++ b/testsuite/integration-arquillian/tests/base/src/main/java/org/keycloak/testsuite/cli/KcRegExec.java
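Review bot: The new `stderrLines()` override discards lines purely by position — `lines.subList(2, lines.size())` — without checking that the first two lines are in fact the provider banner, so if that banner ever shrinks to one line, grows, or is preceded by another message, genuine error output is silently dropped or banner text leaks into the assertions built on this method. Filtering by content (removing lines that match the known banner text, such as the `KeycloakFipsSecurityProvider created:` prefix logged by the provider) would survive such changes; at minimum the `// remove the two lines with the BC provider info if FIPS` comment should name which two lines are expected. The method also uses the raw type `List`; if `AbstractExec.stderrLines()` returns `List<String>`, the override and local should read `public List<String> stderrLines()` and `List<String> lines = super.stderrLines();`. The same block is duplicated verbatim in the KcRegExec hunk of this commit and could live once in AbstractExec or a shared helper. The enclosing class continues outside the hunk.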
@@ -1,9 +1,12 @@
 package org.keycloak.testsuite.cli;
+import org.keycloak.common.crypto.FipsMode;
+import org.keycloak.testsuite.arquillian.AuthServerTestEnricher;
 import org.keycloak.testsuite.cli.exec.AbstractExec;
 import org.keycloak.testsuite.cli.exec.AbstractExecBuilder;
 import java.io.InputStream;
+import java.util.List;
 /**
 * @author Marko Strukelj
@@ -37,6 +40,15 @@ public class KcRegExec extends AbstractExec {
 .execute();
 }
+ @Override
+ public List stderrLines() {
+ List lines = super.stderrLines();
+ // remove the two lines with the BC provider info if FIPS
+ return AuthServerTestEnricher.AUTH_SERVER_FIPS_MODE == FipsMode.DISABLED || lines.size() < 2
+ ? lines
+ : lines.subList(2, lines.size());
+ }
+
 public static class Builder extends AbstractExecBuilder {
 @Override