diff --git a/configure b/configure
index 48978ca6ed6..07c4ef26700 100755
--- a/configure
+++ b/configure
@@ -6499,6 +6499,20 @@ fi
     then
         SECURITYLIB="-framework Security -framework CoreFoundation"
 
+                ac_save_LIBS="$LIBS"
+        LIBS="$LIBS $SECURITYLIB"
+        for ac_func in SSLCopyPeerCertificates
+do :
+  ac_fn_c_check_func "$LINENO" "SSLCopyPeerCertificates" "ac_cv_func_SSLCopyPeerCertificates"
+if test "x$ac_cv_func_SSLCopyPeerCertificates" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_SSLCOPYPEERCERTIFICATES 1
+_ACEOF
+
+fi
+done
+
+        LIBS="$ac_save_LIBS"
         with_gnutls=${with_gnutls:-no}
     fi
     if test "$ac_cv_header_CoreAudio_CoreAudio_h" = "yes" -a "$ac_cv_header_AudioUnit_AudioUnit_h" = "yes"
diff --git a/configure.ac b/configure.ac
index ad4f36f97c2..c4e44af415c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -720,6 +720,11 @@ case $host_os in
     if test "$ac_cv_header_Security_Security_h" = "yes"
     then
         AC_SUBST(SECURITYLIB,"-framework Security -framework CoreFoundation")
+        dnl Check for the SSLCopyPeerCertificates function
+        ac_save_LIBS="$LIBS"
+        LIBS="$LIBS $SECURITYLIB"
+        AC_CHECK_FUNCS(SSLCopyPeerCertificates)
+        LIBS="$ac_save_LIBS"
         with_gnutls=${with_gnutls:-no}
     fi
     if test "$ac_cv_header_CoreAudio_CoreAudio_h" = "yes" -a "$ac_cv_header_AudioUnit_AudioUnit_h" = "yes"
diff --git a/dlls/secur32/schannel_macosx.c b/dlls/secur32/schannel_macosx.c
index 1158b14e0e7..01493b1984b 100644
--- a/dlls/secur32/schannel_macosx.c
+++ b/dlls/secur32/schannel_macosx.c
@@ -670,6 +670,13 @@ SECURITY_STATUS schan_imp_get_connection_info(schan_imp_session session,
     return SEC_E_OK;
 }
 
+#ifndef HAVE_SSLCOPYPEERCERTIFICATES
+static void schan_imp_cf_release(const void *arg, void *ctx)
+{
+    CFRelease(arg);
+}
+#endif
+
 SECURITY_STATUS schan_imp_get_session_peer_certificate(schan_imp_session session,
                                                        PCCERT_CONTEXT *cert)
 {
@@ -680,7 +687,11 @@ SECURITY_STATUS schan_imp_get_session_peer_certificate(schan_imp_session session
 
     TRACE("(%p/%p, %p)\n", s, s->context, cert);
 
+#ifdef HAVE_SSLCOPYPEERCERTIFICATES
     status = SSLCopyPeerCertificates(s->context, &certs);
+#else
+    status = SSLGetPeerCertificates(s->context, &certs);
+#endif
     if (status == noErr && certs)
     {
         SecCertificateRef mac_cert;
@@ -702,6 +713,11 @@ SECURITY_STATUS schan_imp_get_session_peer_certificate(schan_imp_session session
         }
         else
             WARN("Couldn't extract certificate data\n");
+#ifndef HAVE_SSLCOPYPEERCERTIFICATES
+        /* This is why SSLGetPeerCertificates was deprecated */
+        CFArrayApplyFunction(certs, CFRangeMake(0, CFArrayGetCount(certs)),
+                             schan_imp_cf_release, NULL);
+#endif
         CFRelease(certs);
     }
     else
diff --git a/include/config.h.in b/include/config.h.in
index f70e354c92e..bb13463d170 100644
--- a/include/config.h.in
+++ b/include/config.h.in
@@ -746,6 +746,9 @@
 /* Define to 1 if the system has the type `ssize_t'. */
 #undef HAVE_SSIZE_T
 
+/* Define to 1 if you have the `SSLCopyPeerCertificates' function. */
+#undef HAVE_SSLCOPYPEERCERTIFICATES
+
 /* Define to 1 if you have the `statfs' function. */
 #undef HAVE_STATFS