mod_gnutls

mod_gnutls is an extension for ​Apache's httpd uses the ​GnuTLS library to provide HTTPS.

It is similar to ​mod_ssl in purpose, but it supports some features and protocols that mod_ssl does not, and it does not use ​OpenSSL.

• Installing mod_gnutls
• Developing mod_gnutls

Features

• Support for the legacy ​SSL 3.0 protocol
• Support for latest TLS Protocols (​1.0|​1.1|​1.2)
• Support for client certificates.
• Support for ​RFC:5746 Safe renegotiation.
• Support for ​RFC:6091 OpenPGP certificate authentication.
• Support for ​RFC:5054 ​SRP authentication.
• Support for ​Server Name Indication.
• Distributed SSL/TLS Session Cache via ​Memcached.
• Local SSL/TLS Session Cache using GDBM or DBM (needs Berkeley DBM support).
• Support for Session Tickets instead of Session Caching
• Compatible with mod_ssl's Enviromental Variables.
• Small and focused code base.
• Support for TLS proxy termination and TLS reverse proxy connections.
• PKCS #11 support for access to private keys and certificates.

Contact

If you run into trouble, have a question, a feature suggestion, or a great new idea, we want to hear about it!

You can file a ticket, and you can ​use the mailing list. Some developers also hang out on IRC on the #mod_gnutls channel on irc.indymedia.org.