I have GnuTLS setup on numerous Apache web servers. It's just better than OpenSSL because with GnuTLS I can use the more secure TLSv1.1 or TLSv1.2. The only problem I've had with it, until now is that it's trusted by every browser I've used with the exception of Firefox.
When I browse to one of my GnuTLS enabled sites in Firefox I get an error saying The certificate is not trusted because no issuer chain was provided.
cat intermediate.crt >> server.crt