search

NixOS / nixos-homepage

Sources for nixos.org
https://nixos.org
309 stars 316 forks source link

SSL error when attempting to download the Nix install script #180

Closed waldyrious closed 4 years ago

waldyrious commented 6 years ago

curl's output is quite inscrutable:

$ curl https://nixos.org/nix/install | sh

curl: (35) SSL connect error

wget provides more useful output:

$ wget -O - https://nixos.org/nix/install | sh
--2018-01-30 23:41:22--  https://nixos.org/nix/install
Resolving nixos.org... 54.217.220.47
Connecting to nixos.org|54.217.220.47|:443... connected.
ERROR: cannot verify nixos.org’s certificate, issued by “/C=NL/ST=Denial/L=Springfield/O=Dis/CN=www.example.com”:
  Self-signed certificate encountered.
ERROR: certificate common name “www.example.com” doesn’t match requested host name “nixos.org”.
To connect to nixos.org insecurely, use ‘--no-check-certificate’.

System information

Output of curl --version:

curl 7.19.7 (x86_64-redhat-linux-gnu) libcurl/7.19.7 NSS/3.13.1.0 zlib/1.2.3 libidn/1.18 libssh2/1.2.2
Protocols: tftp ftp telnet dict ldap ldaps http file https ftps scp sftp 
Features: GSS-Negotiate IDN IPv6 Largefile NTLM SSL libz

Output of wget --version:

GNU Wget 1.12 built on linux-gnu.

+digest +ipv6 +nls +ntlm +opie +md5/openssl +https -gnutls +openssl 
-iri 

Wgetrc: 
    /etc/wgetrc (system)
Locale: /usr/share/locale 
Compile: gcc -DHAVE_CONFIG_H -DSYSTEM_WGETRC="/etc/wgetrc" 
    -DLOCALEDIR="/usr/share/locale" -I. -I../lib -O2 -g -pipe -Wall 
    -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector 
    --param=ssp-buffer-size=4 -m64 -mtune=generic 
Link: gcc -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions 
    -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic 
    -L/usr/lib6464 -lssl -lcrypto -ldl -lz /usr/lib64/libssl.so 
    /usr/lib64/libcrypto.so -ldl -lrt ftp-opie.o openssl.o http-ntlm.o 
    gen-md5.o ../lib/libgnu.a

Output of lsb_release -d:

Description:    CentOS release 6.3 (Final)

Output of uname -srv:

Linux 2.6.32-279.14.1.el6.x86_64 #1 SMP Tue Nov 6 23:43:09 UTC 2012

Note: I don't have admin access to this machine.

waldyrious commented 6 years ago

By the way, using wget's --no-check-certificate option is no help, since the script uses curl internally to download the tarball.

garbas commented 4 years ago

Hi @waldyrious sorry for "slightly" late reply :) the repository for nix is actually here: https://github.com/nixos/nix, but you probably already figured this out.

As far as i'm aware this issue was fixed, but if not please open a new issue under above mentioned repository.