- Support for latest TLS Protocols (1.0|1.1|1.2)
- Support for client certificates.
- Support for RFC:5746 Safe renegotiation.
- Support for RFC:6091 OpenPGP certificate authentication.
- Support for RFC:5054 SRP authentication.
- Support for Server Name Indication.
- Distributed SSL/TLS Session Cache via Memcached.
- Local SSL/TLS Session Cache using GDBM or Berkeley DB.
- Support for TLS Session Tickets and Session Caching
- Compatible with mod_ssl's Environment Variables.
- Support for TLS proxy termination and TLS reverse proxy connections.
- PKCS #11 support for access to private keys and certificates.
- OCSP stapling support (TLS extension Certificate Status Request, RFC:6066, Section 8)
If you run into trouble, have a question, a feature suggestion, or a great new idea, we want to hear about it!
You can file a ticket, and you can use the mailing list. If you want to contribute, patches or pull requests are welcome. Some developers also hang out on IRC on the #mod_gnutls channel on irc.indymedia.org.