Skip to content

Instantly share code, notes, and snippets.

@bangn

bangn/fix-ssl-nix-macos.md

Last active July 9, 2020 05:51
Show Gist options
  • Save bangn/30e4eb104d277c329195346d50a3808f to your computer and use it in GitHub Desktop.
Save bangn/30e4eb104d277c329195346d50a3808f to your computer and use it in GitHub Desktop.
Download ZIP
Fix "SSL certificate problem: unable to get local issuer certificate" (macOS, nix)
Raw
fix-ssl-nix-macos.md

The problem

nix-channel --update
warning: unable to download 'https://nixos.org/channels/nixpkgs-unstable': Problem with the SSL CA cert (path? access rights?) (77); using cached result
error: unable to download '/nixexprs.tar.bz2': URL using bad/illegal format or missing URL (3)

The reason

nix profile does not include correct ssl cert

The workaround

This is my workaround. There should be a better way to fix it however my google skill is foo on this

Look for ssl cert in your previous nix profile

cd "/nix/var/nix/profiles/per-user/$USER"
find -L . -name "ssl"

If your previous profile does include ssl, it will be under

./profile-{profile-number}-link/etc/ssl

In my case it is profile-6-link/etc/ssl. Get the symlink target of that directory ($SSL_DIRECTORY)

Create ssl symlink in your current profile

cd `$YOUR_CURRENT_NIX_PROFILE`/etc
ln -sfn $SSL_DIRECTORY ssl

You should be able to use nix-channle --update now

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment