From fb2dd3210072a03526e881cd2547cf4c2df4ba52 Mon Sep 17 00:00:00 2001
From: Eelco Dolstra <edolstra@gmail.com>
Date: Thu, 13 Oct 2016 17:09:10 +0200
Subject: SSL_CERT_FILE -> NIX_SSL_CERT_FILE

This prevents collisions with the "native" OpenSSL, in particular on
OS X.

Fixes #921.
---
 src/libstore/download.cc | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'src/libstore/download.cc')

diff --git a/src/libstore/download.cc b/src/libstore/download.cc
index b228cd0b4b37..337ebc9bfebf 100644
--- a/src/libstore/download.cc
+++ b/src/libstore/download.cc
@@ -210,7 +210,8 @@ struct CurlDownloader : public Downloader
                 curl_easy_setopt(req, CURLOPT_NOBODY, 1);
 
             if (request.verifyTLS)
-                curl_easy_setopt(req, CURLOPT_CAINFO, getEnv("SSL_CERT_FILE", "/etc/ssl/certs/ca-certificates.crt").c_str());
+                curl_easy_setopt(req, CURLOPT_CAINFO,
+                    getEnv("NIX_SSL_CERT_FILE", getEnv("SSL_CERT_FILE", "/etc/ssl/certs/ca-certificates.crt")).c_str());
             else {
                 curl_easy_setopt(req, CURLOPT_SSL_VERIFYPEER, 0);
                 curl_easy_setopt(req, CURLOPT_SSL_VERIFYHOST, 0);
-- 
cgit 1.4.1