In this talk I will share some details on the path towards the recently obtained Security (EAL4+, German GEHEIM) and Safety (ISO26262 ASIL-B, SIL-2) certifications that have been achieved for the L4Re Operating System Framework. I will show some details on where generic software development, operating systems, and third-party code clash with the expectations of the safety norms. I will also shed some light on the challenges we face in maintaining these certifications while staying true to the open source nature of the system with contributions form a multitude of actors from various fields. I will conclude with an outlook of the things to come and how we want to ensure that open source microkernel-based operating systems can be a vital cornerstone to safe & secure systems.