mod_gnutls is an extension for Apache's httpd uses the GnuTLS library to provide HTTPS.

It is similar to mod_ssl in purpose, but it supports some features and protocols that mod_ssl does not, and it does not use OpenSSL.


  • Support for latest TLS Protocols (1.0|1.1|1.2)
  • Support for client certificates.
  • Support for RFC:5746 Safe renegotiation.
  • Support for RFC:6091 OpenPGP certificate authentication.
  • Support for RFC:5054 SRP authentication.
  • Support for Server Name Indication.
  • Distributed SSL/TLS Session Cache via Memcached.
  • Local SSL/TLS Session Cache using GDBM or Berkeley DB.
  • Support for TLS Session Tickets and Session Caching
  • Compatible with mod_ssl's Environment Variables.
  • Support for TLS proxy termination and TLS reverse proxy connections.
  • PKCS #11 support for access to private keys and certificates.
  • OCSP stapling support (TLS extension Certificate Status Request, RFC:6066, Section 8)


If you run into trouble, have a question, a feature suggestion, or a great new idea, we want to hear about it!

You can file a ticket, and you can use the mailing list. If you want to contribute, patches or pull requests are welcome. Some developers also hang out on IRC on the #mod_gnutls channel on

Last modified 6 years ago Last modified on Dec 12, 2016, 2:50:53 PM