Could you provide more information? Snippets of the config that are relevant e.g custom TLS certs config, what does the flake look like, self-signed TLS certs? What exactly is breaking? curl https://localhost:8080/something
?
Have you compared the environment variables?
So the certs end up in these files:
Only the first one is mentioned on stackoverflow as being used by Go on debian.
Curl seems to have its default location compiled in by passing
--with-ca-bundle
, but after installingcurlFull
and runningcurl-config --ca
, it doesn’t look like that was used and the “default” path is guessed.Looking further in the
curl
derivation there are these lines for darwin :So, check the value of
NIX_SSL_CERT_FILE
outsidenix shell
and within. The path might have to be set there. I dunno how to do that automatically withnix shell
, so it might have to be done manually.Anti Commercial-AI license