diff --git a/Classes/ASIHTTPRequest.m b/Classes/ASIHTTPRequest.m index 8dd162c3..1e8c2bcf 100644 --- a/Classes/ASIHTTPRequest.m +++ b/Classes/ASIHTTPRequest.m @@ -1212,17 +1212,30 @@ - (void)startRequest // see: http://iphonedevelopment.blogspot.com/2010/05/nsstream-tcp-and-ssl.html NSDictionary *sslProperties = [[NSDictionary alloc] initWithObjectsAndKeys: - [NSNumber numberWithBool:YES], kCFStreamSSLAllowsExpiredCertificates, - [NSNumber numberWithBool:YES], kCFStreamSSLAllowsAnyRoot, - [NSNumber numberWithBool:NO], kCFStreamSSLValidatesCertificateChain, - kCFNull,kCFStreamSSLPeerName, - nil]; + [NSNumber numberWithBool:YES], kCFStreamSSLAllowsExpiredCertificates, + [NSNumber numberWithBool:YES], kCFStreamSSLAllowsAnyRoot, + [NSNumber numberWithBool:NO], kCFStreamSSLValidatesCertificateChain, + kCFNull,kCFStreamSSLPeerName, + @"kCFStreamSocketSecurityLevelTLSv1_0SSLv3", kCFStreamSSLLevel, + nil]; CFReadStreamSetProperty((CFReadStreamRef)[self readStream], kCFStreamPropertySSLSettings, (CFTypeRef)sslProperties); [sslProperties release]; - } + }else { + NSDictionary *sslProperties = [[NSDictionary alloc] initWithObjectsAndKeys: + [NSNumber numberWithBool:NO], kCFStreamSSLAllowsExpiredCertificates, + [NSNumber numberWithBool:NO], kCFStreamSSLAllowsAnyRoot, + [NSNumber numberWithBool:YES], kCFStreamSSLValidatesCertificateChain, + @"kCFStreamSocketSecurityLevelTLSv1_0SSLv3", kCFStreamSSLLevel, + nil]; + + CFReadStreamSetProperty((CFReadStreamRef)[self readStream], + kCFStreamPropertySSLSettings, + (CFTypeRef)sslProperties); + [sslProperties release]; + } // Tell CFNetwork to use a client certificate if (clientCertificateIdentity) {