sslsniff, there’s an app for that!
Moxie Marlinspike just released an updated (10 years later!) version of sslsniff that includes the iOS BasicConstraints vulnerabilities that were published today. You can read the announcement here or go straight to the details which includes the download link.
Friends don’t allow other friends to permit leaf certificates to act as signing certificates, or do man in the middle (MITM) attacks against SSL/TLS.