Welcome to GnuTLS project pages

  • Overview

    GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, and other required structures.

    The project strives to provide a secure communications back-end, simple to use and integrated with the rest of the base Linux libraries. A back-end designed to work and be secure out of the box, keeping the complexity of TLS and PKI out of application code.

  • Features
    • Support for TLS 1.3, 1.2, 1.1, 1.0 protocols, and (optionally) SSL 3.0
    • Support for DTLS 1.2, and DTLS 1.0, protocols
    • Support for certificate path validation, as well as DANE and trust on first use.
    • Support for the Online Certificate Status Protocol (OCSP).
    • Support for public key methods, including RSA and Elliptic curves, as well as password and key authentication methods such as SRP and PSK protocols.
    • Support for all the strong encryption algorithms, including AES and Camellia.
    • Support for CPU-assisted cryptography with VIA padlock and AES-NI instruction sets.
    • Support for cryptographic accelerator drivers via /dev/crypto.
    • Supports natively HSMs and cryptographic tokens, via PKCS #11 and the Trusted Platform Module (TPM).
    • Runs on most Unix platforms and Windows.
  • License

    The core library licensed under the GNU Lesser General Public License version 2.1 (LGPLv2.1+). The LGPL license is compatible with a wide range of free licenses, and even permit you to use GnuTLS in non-free proprietary programs.

For more information on GnuTLS features, see the wikipedia article comparing different TLS implementations.

News flashes  

Released GnuTLS 3.8.1 a bug-fix and enhancement release on the 3.8.x branch.


Released GnuTLS 3.8.0 a bug-fix and enhancement release on the 3.8.x branch.

Added the GNUTLS-SA-2020-07-14 security advisory.


Released GnuTLS 3.7.8 a bug-fix release on the 3.7.x branch.


Released GnuTLS 3.7.7 a bug-fix and enhancement release on the 3.7.x branch.

Added the GNUTLS-SA-2022-07-07 security advisory.