GnuTLS is available for download at: http://www.gnutls.org/download.html
GnuTLS uses a development cycle where even minor version numbers indicate a stable release and a odd minor version number indicate a development release. For example, GnuTLS 1.6.3 denote a stable release since 6 is even, and GnuTLS 1.7.11 denote a development release since 7 is odd.
GnuTLS depends on
gmplib, and you will need to install it
before installing GnuTLS. The
nettle library is available from
gmplib is available
Don’t forget to verify the cryptographic signature after downloading
source code packages.
The package is then extracted, configured and built like many other
packages that use Autoconf. For detailed information on configuring
and building it, refer to the INSTALL file that is part of the
distribution archive. Typically you invoke
make check install. There are a number of compile-time
parameters, as discussed below.
Several parts of GnuTLS require ASN.1 functionality, which is provided by a library called libtasn1. A copy of libtasn1 is included in GnuTLS. If you want to install it separately (e.g., to make it possibly to use libtasn1 in other programs), you can get it from http://www.gnu.org/software/libtasn1/.
The compression library,
libz, the PKCS #11 helper library
the TPM library
trousers, as well as the IDN library
optional dependencies. Check the README file in the distribution on how
to obtain these libraries.
configure options may be relevant, summarized below.
They disable or enable particular features,
to create a smaller library with only the required features.
Note however, that although a smaller library is generated, the
included programs are not guaranteed to compile if some of these
options are given.
--disable-srp-authentication --disable-psk-authentication --disable-anon-authentication --disable-openpgp-authentication --disable-dhe --disable-ecdhe --disable-openssl-compatibility --disable-dtls-srtp-support --disable-alpn-support --disable-heartbeat-support --disable-libdane --without-p11-kit --without-tpm --without-zlib
For the complete list, refer to the output from
Needed to use RFC6125 name comparison in internationalized domains.