mod_gnutls

mod_gnutls is an extension for ​Apache's httpd uses the ​GnuTLS library to provide HTTPS.

It is similar to ​mod_ssl in purpose, but it supports some features and protocols that mod_ssl does not, and it does not use ​OpenSSL.

• Installing mod_gnutls
• Developing mod_gnutls

Features

• Support for latest TLS Protocols (​1.0|​1.1|​1.2)
• Support for client certificates.
• Support for ​RFC:5746 Safe renegotiation.
• Support for ​RFC:6091 OpenPGP certificate authentication.
• Support for ​RFC:5054 ​SRP authentication.
• Support for ​Server Name Indication.
• Distributed SSL/TLS Session Cache via ​Memcached.
• Local SSL/TLS Session Cache using GDBM or Berkeley DB.
• Support for TLS Session Tickets and Session Caching
• Compatible with mod_ssl's Environment Variables.
• Support for TLS proxy termination and TLS reverse proxy connections.
• PKCS #11 support for access to private keys and certificates.
• OCSP stapling support (TLS extension Certificate Status Request, ​RFC:6066, Section 8)

Contact

If you run into trouble, have a question, a feature suggestion, or a great new idea, we want to hear about it!

You can file a ticket, and you can ​use the mailing list. If you want to contribute, patches or pull requests are welcome. Some developers also hang out on IRC on the #mod_gnutls channel on irc.indymedia.org.