I noticed SSL errors when using nixpkgs-review when it tries to download build artifacts from my binary cache.
The cache is behind a nginx reverse proxy and I get SSL peer certificate or SSH remote key was not OK errors.
I thought it had to do with nix itself and posted the problem on discourse
Through chance I found the commit 62b04e4bdc321633ca9e1a235132c99bf51947e3 which sets the cacert file explicitly for nixpkgs-review and breaks my certificate chain. If I remove that line, I can connect just fine.
Is there any way to disable the setting of NIX_SSL_CERT_FILE or to override it? I would like to connect through SSL/TLS to my binary cache and use it with nixpkgs-review
I noticed SSL errors when using
nixpkgs-review
when it tries to download build artifacts from my binary cache. The cache is behind a nginx reverse proxy and I getSSL peer certificate or SSH remote key was not OK
errors.I thought it had to do with nix itself and posted the problem on discourse
Through chance I found the commit 62b04e4bdc321633ca9e1a235132c99bf51947e3 which sets the cacert file explicitly for
nixpkgs-review
and breaks my certificate chain. If I remove that line, I can connect just fine.Is there any way to disable the setting of
NIX_SSL_CERT_FILE
or to override it? I would like to connect through SSL/TLS to my binary cache and use it withnixpkgs-review