If it has been set to allow any HTTPS certificates for this host, set

        kCFStreamSSLAllowsExpiredCertificates to true to allow expired 
        certificate, and set kCFStreamSSLValidatesCertificateChain false to skip
        certificate chain validation. (<rdar://problem/6382059>)

        Reviewed by John Sullivan.

        * platform/network/cf/ResourceHandleCFNet.cpp:
        (WebCore::makeFinalRequest):



git-svn-id: svn://svn.chromium.org/blink/trunk@42916 bbb929c8-8fbe-4397-9dbb-9b2b20218538

third_party/WebKit/WebCore/ChangeLog

+2009-04-27  Ada Chan  <adachan@apple.com>
+
+        If it has been set to allow any HTTPS certificates for this host, set 
+        kCFStreamSSLAllowsExpiredCertificates to true to allow expired 
+        certificate, and set kCFStreamSSLValidatesCertificateChain false to skip
+        certificate chain validation. (<rdar://problem/6382059>)
+
+        Reviewed by John Sullivan.
+
+        * platform/network/cf/ResourceHandleCFNet.cpp:
+        (WebCore::makeFinalRequest):
+
 2009-04-27  Simon Fraser  <simon.fraser@apple.com>
 
         Reviewed by Adele Peterson

third_party/WebKit/WebCore/platform/network/cf/ResourceHandleCFNet.cpp

@@ -325,6 +325,8 @@ static CFURLRequestRef makeFinalRequest(const ResourceRequest& request, bool sho
         sslProps.adoptCF(CFDictionaryCreateMutable(kCFAllocatorDefault, 0, &kCFTypeDictionaryKeyCallBacks, &kCFTypeDictionaryValueCallBacks));
         CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsAnyRoot, kCFBooleanTrue);
         CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsExpiredRoots, kCFBooleanTrue);
+        CFDictionaryAddValue(sslProps.get(), kCFStreamSSLAllowsExpiredCertificates, kCFBooleanTrue);
+        CFDictionaryAddValue(sslProps.get(), kCFStreamSSLValidatesCertificateChain, kCFBooleanFalse);
     }
 
     HashMap<String, RetainPtr<CFDataRef> >::iterator clientCert = clientCerts().find(request.url().host().lower());