Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

"Problem with the SSL CA cert" errors after reinstallation on Mac #1374

Open
mattrussell-sonocent opened this issue Jan 6, 2025 · 3 comments
Open

"Problem with the SSL CA cert" errors after reinstallation on Mac #1374

mattrussell-sonocent opened this issue Jan 6, 2025 · 3 comments

Comments

@mattrussell-sonocent
Copy link

OS: macOS Sequoia 15.1
nix-installer 0.32.2

Brief history:

  1. Brand new Macbook, installed Nix via Determinate Nix Installer default planner, then installed nix-darwin. That worked for a couple of hours before I hit some mysterious issues (e.g. error: path '/nix/store/0ccnxa25whszw7mgbgyzdm4nqc0zwnm8-source/flake.nix' does not exist). I'm a Nix novice, and decided that it might be simplest to uninstall and reinstall Nix and see if that fixed it.
  2. I uninstalled using /nix/nix-installer uninstall.
  3. I reinstalled using the same installer, and it appeared to succeed.
  4. However, trying to run any Nix commands results in a certificate error:
> nix-shell -p cowsay
error:
       … while calling the 'import' builtin
         at «string»:1:18:
            1| {...}@args: with import <nixpkgs> args; (pkgs.runCommandCC or pkgs.runCommand) "shell" { buildInputs = [ (cowsay) ]; } ""
             |                  ^

       … while realising the context of a path

       … while calling the 'findFile' builtin
         at «string»:1:25:
            1| {...}@args: with import <nixpkgs> args; (pkgs.runCommandCC or pkgs.runCommand) "shell" { buildInputs = [ (cowsay) ]; } ""
             |                         ^

       error: unable to download 'https://channels.nixos.org/flake-registry.json': Problem with the SSL CA cert (path? access rights?) (77) error setting certificate file: /etc/ssl/certs/ca-certificates.crt

I have attempted to use this recipe with no luck: https://github.com/DeterminateSystems/nix-installer#using-macos-after-removing-nix-while-nix-darwin-was-still-installed-network-requests-fail
But the symptoms sound different - I didn't have any certificates at /etc/ssl/certs

Is there anything I can do to get Nix installed correctly again? Many thanks in advance!
@mattrussell-sonocent
Copy link
Author

Running sudo ln -s /nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt /etc/ssl/certs/ca-certificates.crt per NixOS/nix#3261 (comment) appears to have sorted it 😅

@grahamc
Copy link
Member

grahamc commented Jan 6, 2025

Ah, great!

I was just going to suggest that, or trying the Determinate package which handles a lot more edge cases out of the box. However, that has a caveat around adding a nix-darwin module to your configuration, and we're looking to talk with users about how that should work.

@grahamc
Copy link
Member

grahamc commented Jan 6, 2025
edited
Loading

@mattrussell-sonocent would you mind chatting over email about nix-darwin, this issue, and Nix? ([email protected])

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@grahamc @mattrussell-sonocent