An online HTTPS server running GnuTLS is available:
The GnuTLS manual explain how you can set up your own test server.
The server supports these mechanisms:
Certificate types: | X.509, OPENPGP |
Protocols: | TLS1.2, TLS1.1, TLS1.0, SSL3.0 |
Ciphers: | AES-256-CBC, AES-128-CBC, 3DES-CBC, ARCFOUR, ARCFOUR-40 |
MACs: | SHA512, SHA384, SHA256, SHA1, RMD160, MD5 |
Key exchange algorithms: | RSA, RSA-EXPORT, DHE-DSS, DHE-RSA, DHE-PSK, PSK, SRP, SRP-RSA, SRP-DSS, ANON-DH |
Compression methods: | DEFLATE, LZO, NULL |
Client authorization formats: | x509-attr-cert, saml-assertion, x509-attr-cert-url, saml-assertion-url |
Server authorization formats: | x509-attr-cert, saml-assertion |
For X.509 authentication the following credentials are used:
x509-ca.pem | GnuTLS test server CA | x509-ca.crt |
x509-ca-key.pem | Private RSA key of the CA. | |
x509-trust.pem | GnuTLS test server CA trust list | |
x509-server.pem | GnuTLS server certificate. | x509-server.crt |
x509-server-key.pem | Private RSA key of the server. | |
x509-server-dsa.pem | GnuTLS server certificate (DSA). | x509-server-dsa.crt |
x509-server-key-dsa.pem | Private DSA key of the server. |
For OpenPGP authentication the following credentials are used:
openpgp-server.txt | GnuTLS test server OpenPGP key | openpgp-server.bin |
openpgp-server-key.txt | Private key of the OpenPGP key. | openpgp-server-key.bin |
For SRP authentication the following credentials are used:
srp-tpasswd.conf | GnuTLS test server SRP password configuration file | |
srp-passwd.txt | Password file (user 'jas' password 'foo') |
For PSK authentication the following credentials are used:
psk-passwd.txt | GnuTLS test server PSK symmetric key file |
If you want to run your own server, install GnuTLS and download the credentials. Then invoke the server as follows:
echo 'This is the X.509 Attribute Certificate authorization data'> x509ac.txt echo 'This is the SAML assertion authorization data'> saml.txt gnutls-serv --http --x509cafile x509-trust.pem --x509keyfile x509-server-key.pem --x509certfile x509-server.pem --x509dsakeyfile x509-server-key-dsa.pem --x509dsacertfile x509-server-dsa.pem --pgpkeyfile openpgp-server-key.txt --pgpcertfile openpgp-server.txt --srppasswdconf srp-tpasswd.conf --srppasswd srp-passwd.txt --pskpasswd psk-passwd.txt --authz-x509-attr-cert x509ac.txt --authz-saml-assertion saml.txt |
Please send inquiries about GNU and the FSF to
Free Software Foundation Voice: +1-617-542-5942 59 Temple Place - Suite 330 Fax: +1-617-542-2652 Boston MA 02111-1307 USA E-Mail: gnu@gnu.org
Please send broken links and other web page corrections (or suggestions) to
The GNU Webmasters webmasters@gnu.org
Please see the Translations README for information on coordinating and submitting translations.
Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004
Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston,
MA 02111, USA
Verbatim copying and distribution of this entire article are
permitted worldwide without royalty in any medium provided
this notice is preserved.
Updated: $Date: 2007/02/22 09:09:06 $ $Author: jas $