From the user's perspective, there's nothing to the GnuTLS
integration. It Just Works for any Emacs Lisp code that uses
(see Network Connections). The two functions are equivalent, the first one being an
alias of the second.
There's one way to find out if GnuTLS is available, by calling
gnutls-available-p. This is a little bit trickier on the W32
(Windows) platform, but if you have the GnuTLS DLLs (available from
http://sourceforge.net/projects/ezwinports/files/ thanks to Eli
Zaretskii) in the same directory as Emacs, you should be OK.
This function returns t if GnuTLS is available in this instance of Emacs.
Oh, but sometimes things go wrong. Budgets aren't balanced, television ads lie, and even TLS and SSL connections can fail to work properly. Well, there's something to be done in the last case.
gnutls-log-levelvariable sets the log level. 1 is verbose. 2 is very verbose. 5 is crazy. Crazy! Set it to 1 or 2 and look in the
*Messages*buffer for the debugging information.
gnutls-algorithm-priorityvariable sets the GnuTLS priority string. This is global, not per host name (although
gnutls-negotiatesupports a priority string per connection so it could be done if needed). The priority string syntax is in the GnuTLS documentation.
gnutls-trustfilesvariable is a list of trustfiles (certificates for the issuing authorities). This is global, not per host name (although
gnutls-negotiatesupports a trustfile per connection so it could be done if needed). The trustfiles can be in PEM or DER format and examples can be found in most Unix distributions. By default four locations are tried in this order: /etc/ssl/certs/ca-certificates.crt for Debian, Ubuntu, Gentoo and Arch Linux; /etc/pki/tls/certs/ca-bundle.crt for Fedora and RHEL; /etc/ssl/ca-bundle.pem for Suse; /usr/ssl/certs/ca-bundle.crt for Cygwin. You can easily customize
gnutls-trustfilesto be something else, but let us know if you do, so we can make the change to benefit the other users of that platform.