Multi-user installation on OSX - SSL cert problem for user, not for root

[charlieshanley]

After a multi-user installation on OSX (Mojave 10.14.5), operations performed by the user that try to pull from a binary cache (https://cache.nixos.org) fail with unable to download ... Problem with the SSL CA cert (path? access rights?) (77). When performed by root, however, they succeed.

The (successful) output from the installer is attached.
nix-installer-output.txt

Following that, in a new shell, nix-shell -p nix-info --run "nix-info -m" returns:

Charlies-MacBook-Pro:~ chanley$ nix-shell -p nix-info --run "nix-info -m"
these paths will be fetched (134.89 MiB download, 690.37 MiB unpacked):
  /nix/store/0kn38pv5vqmkq5j4jrpqynjrwv551hjc-libc++-7.1.0
  /nix/store/0p9xfxlzjkxdnck1qzaybvw2rzp067hw-ncurses-6.1-20190112-dev
  /nix/store/0rj5c34hy4spqgdrkj176ap7bmzvk1dx-bzip2-1.0.6.0.1-bin
  /nix/store/1cdf8189bplcq89fd8v1rpy381fh28c6-cctools-port-895
  /nix/store/1rax1g5vhrpy7sg7njlypy68dbs65a1m-adv_cmds-osx-10.5.8-locale
  /nix/store/2fis6rlqbqhf4i28mp11i8z7h5bvfhyy-xz-5.2.4
  /nix/store/2nqxi2qw2fd3dy80gfd65157vp5n85c6-clang-7.1.0
  /nix/store/48d3m61pll2q2rn25s45bm3ypws3sa1d-findutils-4.6.0
  /nix/store/4h02k3v0fnxn7fz6qpbkjp5pdxfrxfr1-gnugrep-3.3
  /nix/store/4nzcxiaa4yswxrpv9zivs0nnhsgxz27w-bash-interactive-4.4-p23
  /nix/store/50r2sx926sqipv0sf2k22rqvpm7m28pb-xz-5.2.4-bin
  /nix/store/59p00lig3g39abiq93ms7c4zsn4j1rj6-DarwinTools-1
  /nix/store/5aqjq650c4k3ayrz0skrvba06dzqkkba-llvm-7.1.0-lib
  /nix/store/60ls22hfwqi0ss04ky9rbfy94sggzvhb-patch-2.7.6
  /nix/store/69l3k9v419frhg4qw1bga3ymgfz84q8l-ncurses-6.1-20190112-man
  /nix/store/7knybl6l5bmg283y8hcha2nh81kmb5b1-curl-7.64.1
  /nix/store/7w1b84axvzg5adfdgw1b0q6acxysdqq7-libssh2-1.8.2
  /nix/store/7xxpjv1x0ixc0jnrgw7lbxbqzyikzv0n-gnutar-1.32
  /nix/store/8j52vc95fn3dqldy687mrv27b3v5b7mv-pcre-8.43
  /nix/store/8wicvxq67m78r5m758q7zda2hysjb8v4-bash-interactive-4.4-p23-info
  /nix/store/987ybb398qwmb69ai6i1nzbhx8z013c1-coreutils-8.31
  /nix/store/9hxa802j7cxlx0bqjrhfz6di3wgqlf2j-ICU-osx-10.10.5
  /nix/store/a3xf5hr0igg3jlap17wssayyww644521-compiler-rt-7.1.0
  /nix/store/ak5h31nd9l2agsvd7r92g1dxc2pdd327-diffutils-3.7
  /nix/store/bbrr07d3q4gdnkhzr1jb54jaicj3mylp-ed-1.15
  /nix/store/d539yv2ynns4vjkzqgi0gshxq1hynb4s-bash-interactive-4.4-p23-doc
  /nix/store/dklzvq9l4bddz1934zwqxfpilhi4nq2q-nghttp2-1.38.0-lib
  /nix/store/dllrbbiw1fk0lj0jnxk5ikfwmh5ljvxk-gzip-1.10
  /nix/store/dvpgjv19mqjkpb144p08350ynx12ww36-cctools-binutils-darwin
  /nix/store/fkgq0j593j51av8wxaccii5djywgb2rd-gawk-4.2.1
  /nix/store/g65mnqdjhqkz3jjwf3zf0zd5xn9wliz9-llvm-7.1.0
  /nix/store/j4v26srfl3y8gam493fhgdizfwmvdhbd-openssl-1.0.2r
  /nix/store/kmfjmci5i2d3hdgs9sipnynyq800kllm-readline-7.0p5
  /nix/store/ls35lgb4nnxdmcgw8a3pf5yfkkaax1mv-gmp-6.1.2
  /nix/store/m80khqyl8ll12rrickwbbnxqmpyv5aks-clang-7.1.0-lib
  /nix/store/mfkyr1ijfjcjdaiafaf0yhnbvs87hbwz-gnumake-4.2.1
  /nix/store/mizr852kqhgrj9727yc707x4ckfw07wr-compiler-rt-7.1.0-dev
  /nix/store/mrrc440cshmc13rqqj4405jbqnklf4ja-Libsystem-osx-10.12.6
  /nix/store/mv66iznw2a6gn2v1rqi9p3zfb6n5lsq4-bzip2-1.0.6.0.1
  /nix/store/nvk4jk5v6whzqqyy79mscvklydh5flqj-libkrb5-1.17
  /nix/store/nz18qdq9yv7hd9nyf7r8fn7n48w27hjs-zlib-1.2.11
  /nix/store/pc5z9smy6lkpz77fcwzk69p7296nmxk2-bash-interactive-4.4-p23-dev
  /nix/store/pwn58bb13arpy8qvhv8zk8xf7bvzwv6r-ncurses-6.1-20190112
  /nix/store/qmgr598q5mmw23v9na5bls65swkhqqfa-libiconv-osx-10.12.6
  /nix/store/r6rrs8fynvakppdn7c7xah121hxymslx-bash-interactive-4.4-p23-man
  /nix/store/s0f473nbi2g1sgh4n14sjfydh2rgixp7-gnused-4.7
  /nix/store/s20j6f5qkd02cf6a41y5pxb141vphqig-stdenv-darwin
  /nix/store/sh60c0knd7s11k32256w29vaadyicpn9-libffi-3.2.1
  /nix/store/vw5ffjgiy8ciglvnglad1gga0ygaydrm-libc++abi-7.1.0
  /nix/store/w5qrj4dr5y8r2cwvzcslfl2i389x85aw-bash-4.4-p23
  /nix/store/w6z3finjvd2x6y4j84clxkh45apngwk3-cctools-binutils-darwin-wrapper
  /nix/store/waa0aqhsw9rzap3di15si6wdbqh7zi4b-swift-corefoundation
  /nix/store/wiazyw6v604pwjjs88m8n5xdpsvvma57-nix-info
  /nix/store/wn2n7p0gc9awf3bg2fq7x2wvfk17cc8a-expand-response-params
  /nix/store/x6nk7252yg0f60k93j4dp28cbf7cgigc-libxml2-2.9.9
  /nix/store/xllycfvg6yh6wgn57z45qcn4n5k495ym-zlib-1.2.11-dev
  /nix/store/xvfhkidy2sl3i5m2f2hxrxksfbb2icaz-gettext-0.19.8.1
  /nix/store/z96dbzxpz1mcdxajc3k12b65mspqbb21-clang-wrapper-7.1.0
  /nix/store/zjn1rsaa4b8hjdd00gzmqapdi7vj2g39-binutils-2.31.1
copying path '/nix/store/8wicvxq67m78r5m758q7zda2hysjb8v4-bash-interactive-4.4-p23-info' from 'https://cache.nixos.org'...
copying path '/nix/store/d539yv2ynns4vjkzqgi0gshxq1hynb4s-bash-interactive-4.4-p23-doc' from 'https://cache.nixos.org'...
copying path '/nix/store/r6rrs8fynvakppdn7c7xah121hxymslx-bash-interactive-4.4-p23-man' from 'https://cache.nixos.org'...
copying path '/nix/store/mrrc440cshmc13rqqj4405jbqnklf4ja-Libsystem-osx-10.12.6' from 'https://cache.nixos.org'...
copying path '/nix/store/1rax1g5vhrpy7sg7njlypy68dbs65a1m-adv_cmds-osx-10.5.8-locale' from 'https://cache.nixos.org'...
copying path '/nix/store/69l3k9v419frhg4qw1bga3ymgfz84q8l-ncurses-6.1-20190112-man' from 'https://cache.nixos.org'...
unable to download 'https://cache.nixos.org/nar/08di0250slfpvsfhm47fy4k6c5a745l0i4ywwjxkikbbq6j8yv9z.nar.xz': Problem with the SSL CA cert (path? access rights?) (77)
error: build of '/nix/store/9gcm6pjy7jcgyspfhjxjz46c09ac6q22-stdenv-darwin.drv', '/nix/store/di2723br2h7b6cphxks865lls5rv7j15-bash-4.4-p23.drv', '/nix/store/jmmh6fr2ajnrgm4j3lvim9fzms37br79-nix-info.drv', '/nix/store/y09l2li10lvi0570p71645xqd83s37sr-bash-interactive-4.4-p23.drv' failed

And here it is succeeding with root:

Charlies-MacBook-Pro:~ chanley$ sudo -i
Charlies-MacBook-Pro:~ root# nix-shell -p nix-info --run "nix-info -m"
these paths will be fetched (134.89 MiB download, 690.37 MiB unpacked):
  /nix/store/0kn38pv5vqmkq5j4jrpqynjrwv551hjc-libc++-7.1.0
  /nix/store/0p9xfxlzjkxdnck1qzaybvw2rzp067hw-ncurses-6.1-20190112-dev
  /nix/store/0rj5c34hy4spqgdrkj176ap7bmzvk1dx-bzip2-1.0.6.0.1-bin
  /nix/store/1cdf8189bplcq89fd8v1rpy381fh28c6-cctools-port-895
  /nix/store/1rax1g5vhrpy7sg7njlypy68dbs65a1m-adv_cmds-osx-10.5.8-locale
  /nix/store/2fis6rlqbqhf4i28mp11i8z7h5bvfhyy-xz-5.2.4
  /nix/store/2nqxi2qw2fd3dy80gfd65157vp5n85c6-clang-7.1.0
  /nix/store/48d3m61pll2q2rn25s45bm3ypws3sa1d-findutils-4.6.0
  /nix/store/4h02k3v0fnxn7fz6qpbkjp5pdxfrxfr1-gnugrep-3.3
  /nix/store/4nzcxiaa4yswxrpv9zivs0nnhsgxz27w-bash-interactive-4.4-p23
  /nix/store/50r2sx926sqipv0sf2k22rqvpm7m28pb-xz-5.2.4-bin
  /nix/store/59p00lig3g39abiq93ms7c4zsn4j1rj6-DarwinTools-1
  /nix/store/5aqjq650c4k3ayrz0skrvba06dzqkkba-llvm-7.1.0-lib
  /nix/store/60ls22hfwqi0ss04ky9rbfy94sggzvhb-patch-2.7.6
  /nix/store/69l3k9v419frhg4qw1bga3ymgfz84q8l-ncurses-6.1-20190112-man
  /nix/store/7knybl6l5bmg283y8hcha2nh81kmb5b1-curl-7.64.1
  /nix/store/7w1b84axvzg5adfdgw1b0q6acxysdqq7-libssh2-1.8.2
  /nix/store/7xxpjv1x0ixc0jnrgw7lbxbqzyikzv0n-gnutar-1.32
  /nix/store/8j52vc95fn3dqldy687mrv27b3v5b7mv-pcre-8.43
  /nix/store/8wicvxq67m78r5m758q7zda2hysjb8v4-bash-interactive-4.4-p23-info
  /nix/store/987ybb398qwmb69ai6i1nzbhx8z013c1-coreutils-8.31
  /nix/store/9hxa802j7cxlx0bqjrhfz6di3wgqlf2j-ICU-osx-10.10.5
  /nix/store/a3xf5hr0igg3jlap17wssayyww644521-compiler-rt-7.1.0
  /nix/store/ak5h31nd9l2agsvd7r92g1dxc2pdd327-diffutils-3.7
  /nix/store/bbrr07d3q4gdnkhzr1jb54jaicj3mylp-ed-1.15
  /nix/store/d539yv2ynns4vjkzqgi0gshxq1hynb4s-bash-interactive-4.4-p23-doc
  /nix/store/dklzvq9l4bddz1934zwqxfpilhi4nq2q-nghttp2-1.38.0-lib
  /nix/store/dllrbbiw1fk0lj0jnxk5ikfwmh5ljvxk-gzip-1.10
  /nix/store/dvpgjv19mqjkpb144p08350ynx12ww36-cctools-binutils-darwin
  /nix/store/fkgq0j593j51av8wxaccii5djywgb2rd-gawk-4.2.1
  /nix/store/g65mnqdjhqkz3jjwf3zf0zd5xn9wliz9-llvm-7.1.0
  /nix/store/j4v26srfl3y8gam493fhgdizfwmvdhbd-openssl-1.0.2r
  /nix/store/kmfjmci5i2d3hdgs9sipnynyq800kllm-readline-7.0p5
  /nix/store/ls35lgb4nnxdmcgw8a3pf5yfkkaax1mv-gmp-6.1.2
  /nix/store/m80khqyl8ll12rrickwbbnxqmpyv5aks-clang-7.1.0-lib
  /nix/store/mfkyr1ijfjcjdaiafaf0yhnbvs87hbwz-gnumake-4.2.1
  /nix/store/mizr852kqhgrj9727yc707x4ckfw07wr-compiler-rt-7.1.0-dev
  /nix/store/mrrc440cshmc13rqqj4405jbqnklf4ja-Libsystem-osx-10.12.6
  /nix/store/mv66iznw2a6gn2v1rqi9p3zfb6n5lsq4-bzip2-1.0.6.0.1
  /nix/store/nvk4jk5v6whzqqyy79mscvklydh5flqj-libkrb5-1.17
  /nix/store/nz18qdq9yv7hd9nyf7r8fn7n48w27hjs-zlib-1.2.11
  /nix/store/pc5z9smy6lkpz77fcwzk69p7296nmxk2-bash-interactive-4.4-p23-dev
  /nix/store/pwn58bb13arpy8qvhv8zk8xf7bvzwv6r-ncurses-6.1-20190112
  /nix/store/qmgr598q5mmw23v9na5bls65swkhqqfa-libiconv-osx-10.12.6
  /nix/store/r6rrs8fynvakppdn7c7xah121hxymslx-bash-interactive-4.4-p23-man
  /nix/store/s0f473nbi2g1sgh4n14sjfydh2rgixp7-gnused-4.7
  /nix/store/s20j6f5qkd02cf6a41y5pxb141vphqig-stdenv-darwin
  /nix/store/sh60c0knd7s11k32256w29vaadyicpn9-libffi-3.2.1
  /nix/store/vw5ffjgiy8ciglvnglad1gga0ygaydrm-libc++abi-7.1.0
  /nix/store/w5qrj4dr5y8r2cwvzcslfl2i389x85aw-bash-4.4-p23
  /nix/store/w6z3finjvd2x6y4j84clxkh45apngwk3-cctools-binutils-darwin-wrapper
  /nix/store/waa0aqhsw9rzap3di15si6wdbqh7zi4b-swift-corefoundation
  /nix/store/wiazyw6v604pwjjs88m8n5xdpsvvma57-nix-info
  /nix/store/wn2n7p0gc9awf3bg2fq7x2wvfk17cc8a-expand-response-params
  /nix/store/x6nk7252yg0f60k93j4dp28cbf7cgigc-libxml2-2.9.9
  /nix/store/xllycfvg6yh6wgn57z45qcn4n5k495ym-zlib-1.2.11-dev
  /nix/store/xvfhkidy2sl3i5m2f2hxrxksfbb2icaz-gettext-0.19.8.1
  /nix/store/z96dbzxpz1mcdxajc3k12b65mspqbb21-clang-wrapper-7.1.0
  /nix/store/zjn1rsaa4b8hjdd00gzmqapdi7vj2g39-binutils-2.31.1
copying path '/nix/store/d539yv2ynns4vjkzqgi0gshxq1hynb4s-bash-interactive-4.4-p23-doc' from 'https://cache.nixos.org'...
copying path '/nix/store/8wicvxq67m78r5m758q7zda2hysjb8v4-bash-interactive-4.4-p23-info' from 'https://cache.nixos.org'...
copying path '/nix/store/r6rrs8fynvakppdn7c7xah121hxymslx-bash-interactive-4.4-p23-man' from 'https://cache.nixos.org'...
copying path '/nix/store/mrrc440cshmc13rqqj4405jbqnklf4ja-Libsystem-osx-10.12.6' from 'https://cache.nixos.org'...
copying path '/nix/store/1rax1g5vhrpy7sg7njlypy68dbs65a1m-adv_cmds-osx-10.5.8-locale' from 'https://cache.nixos.org'...
copying path '/nix/store/69l3k9v419frhg4qw1bga3ymgfz84q8l-ncurses-6.1-20190112-man' from 'https://cache.nixos.org'...
copying path '/nix/store/w5qrj4dr5y8r2cwvzcslfl2i389x85aw-bash-4.4-p23' from 'https://cache.nixos.org'...
copying path '/nix/store/mv66iznw2a6gn2v1rqi9p3zfb6n5lsq4-bzip2-1.0.6.0.1' from 'https://cache.nixos.org'...
copying path '/nix/store/wn2n7p0gc9awf3bg2fq7x2wvfk17cc8a-expand-response-params' from 'https://cache.nixos.org'...
copying path '/nix/store/fkgq0j593j51av8wxaccii5djywgb2rd-gawk-4.2.1' from 'https://cache.nixos.org'...
copying path '/nix/store/mfkyr1ijfjcjdaiafaf0yhnbvs87hbwz-gnumake-4.2.1' from 'https://cache.nixos.org'...
copying path '/nix/store/s0f473nbi2g1sgh4n14sjfydh2rgixp7-gnused-4.7' from 'https://cache.nixos.org'...
copying path '/nix/store/vw5ffjgiy8ciglvnglad1gga0ygaydrm-libc++abi-7.1.0' from 'https://cache.nixos.org'...
copying path '/nix/store/sh60c0knd7s11k32256w29vaadyicpn9-libffi-3.2.1' from 'https://cache.nixos.org'...
copying path '/nix/store/qmgr598q5mmw23v9na5bls65swkhqqfa-libiconv-osx-10.12.6' from 'https://cache.nixos.org'...
copying path '/nix/store/pwn58bb13arpy8qvhv8zk8xf7bvzwv6r-ncurses-6.1-20190112' from 'https://cache.nixos.org'...
copying path '/nix/store/dklzvq9l4bddz1934zwqxfpilhi4nq2q-nghttp2-1.38.0-lib' from 'https://cache.nixos.org'...
copying path '/nix/store/j4v26srfl3y8gam493fhgdizfwmvdhbd-openssl-1.0.2r' from 'https://cache.nixos.org'...
copying path '/nix/store/8j52vc95fn3dqldy687mrv27b3v5b7mv-pcre-8.43' from 'https://cache.nixos.org'...
copying path '/nix/store/2fis6rlqbqhf4i28mp11i8z7h5bvfhyy-xz-5.2.4' from 'https://cache.nixos.org'...
copying path '/nix/store/nz18qdq9yv7hd9nyf7r8fn7n48w27hjs-zlib-1.2.11' from 'https://cache.nixos.org'...
copying path '/nix/store/0kn38pv5vqmkq5j4jrpqynjrwv551hjc-libc++-7.1.0' from 'https://cache.nixos.org'...
copying path '/nix/store/x6nk7252yg0f60k93j4dp28cbf7cgigc-libxml2-2.9.9' from 'https://cache.nixos.org'...
copying path '/nix/store/xllycfvg6yh6wgn57z45qcn4n5k495ym-zlib-1.2.11-dev' from 'https://cache.nixos.org'...
copying path '/nix/store/0rj5c34hy4spqgdrkj176ap7bmzvk1dx-bzip2-1.0.6.0.1-bin' from 'https://cache.nixos.org'...
copying path '/nix/store/bbrr07d3q4gdnkhzr1jb54jaicj3mylp-ed-1.15' from 'https://cache.nixos.org'...
copying path '/nix/store/dllrbbiw1fk0lj0jnxk5ikfwmh5ljvxk-gzip-1.10' from 'https://cache.nixos.org'...
copying path '/nix/store/nvk4jk5v6whzqqyy79mscvklydh5flqj-libkrb5-1.17' from 'https://cache.nixos.org'...
copying path '/nix/store/50r2sx926sqipv0sf2k22rqvpm7m28pb-xz-5.2.4-bin' from 'https://cache.nixos.org'...
copying path '/nix/store/4h02k3v0fnxn7fz6qpbkjp5pdxfrxfr1-gnugrep-3.3' from 'https://cache.nixos.org'...
copying path '/nix/store/60ls22hfwqi0ss04ky9rbfy94sggzvhb-patch-2.7.6' from 'https://cache.nixos.org'...
copying path '/nix/store/9hxa802j7cxlx0bqjrhfz6di3wgqlf2j-ICU-osx-10.10.5' from 'https://cache.nixos.org'...
copying path '/nix/store/1cdf8189bplcq89fd8v1rpy381fh28c6-cctools-port-895' from 'https://cache.nixos.org'...
copying path '/nix/store/a3xf5hr0igg3jlap17wssayyww644521-compiler-rt-7.1.0' from 'https://cache.nixos.org'...
copying path '/nix/store/xvfhkidy2sl3i5m2f2hxrxksfbb2icaz-gettext-0.19.8.1' from 'https://cache.nixos.org'...
copying path '/nix/store/ls35lgb4nnxdmcgw8a3pf5yfkkaax1mv-gmp-6.1.2' from 'https://cache.nixos.org'...
copying path '/nix/store/7w1b84axvzg5adfdgw1b0q6acxysdqq7-libssh2-1.8.2' from 'https://cache.nixos.org'...
copying path '/nix/store/7knybl6l5bmg283y8hcha2nh81kmb5b1-curl-7.64.1' from 'https://cache.nixos.org'...
copying path '/nix/store/987ybb398qwmb69ai6i1nzbhx8z013c1-coreutils-8.31' from 'https://cache.nixos.org'...
copying path '/nix/store/mizr852kqhgrj9727yc707x4ckfw07wr-compiler-rt-7.1.0-dev' from 'https://cache.nixos.org'...
copying path '/nix/store/ak5h31nd9l2agsvd7r92g1dxc2pdd327-diffutils-3.7' from 'https://cache.nixos.org'...
copying path '/nix/store/48d3m61pll2q2rn25s45bm3ypws3sa1d-findutils-4.6.0' from 'https://cache.nixos.org'...
copying path '/nix/store/5aqjq650c4k3ayrz0skrvba06dzqkkba-llvm-7.1.0-lib' from 'https://cache.nixos.org'...
copying path '/nix/store/0p9xfxlzjkxdnck1qzaybvw2rzp067hw-ncurses-6.1-20190112-dev' from 'https://cache.nixos.org'...
copying path '/nix/store/waa0aqhsw9rzap3di15si6wdbqh7zi4b-swift-corefoundation' from 'https://cache.nixos.org'...
copying path '/nix/store/zjn1rsaa4b8hjdd00gzmqapdi7vj2g39-binutils-2.31.1' from 'https://cache.nixos.org'...
copying path '/nix/store/7xxpjv1x0ixc0jnrgw7lbxbqzyikzv0n-gnutar-1.32' from 'https://cache.nixos.org'...
copying path '/nix/store/59p00lig3g39abiq93ms7c4zsn4j1rj6-DarwinTools-1' from 'https://cache.nixos.org'...
copying path '/nix/store/kmfjmci5i2d3hdgs9sipnynyq800kllm-readline-7.0p5' from 'https://cache.nixos.org'...
copying path '/nix/store/wiazyw6v604pwjjs88m8n5xdpsvvma57-nix-info' from 'https://cache.nixos.org'...
copying path '/nix/store/4nzcxiaa4yswxrpv9zivs0nnhsgxz27w-bash-interactive-4.4-p23' from 'https://cache.nixos.org'...
copying path '/nix/store/pc5z9smy6lkpz77fcwzk69p7296nmxk2-bash-interactive-4.4-p23-dev' from 'https://cache.nixos.org'...
copying path '/nix/store/m80khqyl8ll12rrickwbbnxqmpyv5aks-clang-7.1.0-lib' from 'https://cache.nixos.org'...
copying path '/nix/store/g65mnqdjhqkz3jjwf3zf0zd5xn9wliz9-llvm-7.1.0' from 'https://cache.nixos.org'...
copying path '/nix/store/2nqxi2qw2fd3dy80gfd65157vp5n85c6-clang-7.1.0' from 'https://cache.nixos.org'...
copying path '/nix/store/dvpgjv19mqjkpb144p08350ynx12ww36-cctools-binutils-darwin' from 'https://cache.nixos.org'...
copying path '/nix/store/w6z3finjvd2x6y4j84clxkh45apngwk3-cctools-binutils-darwin-wrapper' from 'https://cache.nixos.org'...
copying path '/nix/store/z96dbzxpz1mcdxajc3k12b65mspqbb21-clang-wrapper-7.1.0' from 'https://cache.nixos.org'...
copying path '/nix/store/s20j6f5qkd02cf6a41y5pxb141vphqig-stdenv-darwin' from 'https://cache.nixos.org'...
 - system: `"x86_64-darwin"`
 - host os: `Darwin 18.6.0, macOS 10.14.5`
 - multi-user?: `no`
 - sandbox: `no`
 - version: `nix-env (Nix) 2.2.2`
 - channels(root): `"nixpkgs-19.09pre180301.650a295621b"`
 - nixpkgs: `/nix/var/nix/profiles/per-user/root/channels/nixpkgs`

I'm also puzzled why nix-info says the installation is not multi-user.

I'm likely doing something wrong, so if someone could point me in the right direction, I'd appreciate it.

[charlieshanley]

The issue seems to have been solved by following the instructions here to provide NIX_SSL_CERT_FILE to the nix-daemon. Specifically:

sudo launchctl setenv NIX_SSL_CERT_FILE $NIX_SSL_CERT_FILE
sudo launchctl kickstart -k system/org.nixos.nix-daemon

[maljub01]

It's possible that all what's needed to fix this is restarting the daemon (ie. sudo launchctl kickstart -k system/org.nixos.nix-daemon) rather than adding the NIX_SSL_CERT_FILE environment variable. See #4023.

[happysalada]

For the poor souls that end up on this issue. Here is what I went through.

1. try just restarting the nix daemon with sudo launchctl kickstart -k system/org.nixos.nix-daemon (that didn't work for me)
2. set the NIX_SSL_CERT_FILE environment variable correctly.

• On macos, there is a default cert file at /etc/ssl/certs/ca-certificates.crt
  You can try setting the certfile with
  sudo launchctl setenv NIX_SSL_CERT_FILE "/etc/ssl/certs/ca-certificates.crt"
  and restarting the daemon
  sudo launchctl kickstart -k system/org.nixos.nix-daemon
  (my certfile was broken, no idea why, so it didn't work for me)
• Nix ships with its own certfile at /nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt
  You can try setting the certfile with
  sudo launchctl setenv NIX_SSL_CERT_FILE "/nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt"
  and restarting the daemon
  sudo launchctl kickstart -k system/org.nixos.nix-daemon
  (that worked for me)

[will-clarke]

I also had to

nix-env -iA nixpkgs.cacert

¯_(ツ)_/¯

[sikmir]

Still an issue. Setting NIX_SSL_CERT_FILE and restarting nix daemon doesn't help.

[carneiroskeeled]

@sikmir did you solve the issue?

[nixos-discourse]

This issue has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/ssl-ca-cert-error-on-macos/31171/1

[sikmir]

@sikmir did you solve the issue?

Yes, the recommendation above helped me finaly.

[sevillaarvin]

This issue has been mentioned on NixOS Discourse. There might be relevant details there:

https://discourse.nixos.org/t/ssl-ca-cert-error-on-macos/31171/1

This helped me as well. There was a broken symbolic link, probably from my previous nix-darwin install, which I ditched for just the raw nix.

Just to save everyone a click:

sudo rm /etc/ssl/certs/ca-certificates.crt
sudo ln -s /nix/var/nix/profiles/default/etc/ssl/certs/ca-bundle.crt /etc/ssl/certs/ca-certificates.crt