I tried to install something with Homebrew today (a package that is out of date on Nix) and it failed with the following error:

curl: (51) SSL: certificate verification failed (result: 5)

Digging into this, it's trying to download a file using curl that, after redirects, ends up fetching a URL like

https://akamai.bintray.com/5c/5ce4e36ed803d7ee2863b8a84b2123fb29f34e02e7c2f908284bb24408f94a65?__gda__=exp=1464730847~hmac=bfe122e8b6bcbf8d01952ab997861ac1fed2434aceccc74cf5c356ad107a1481&response-content-disposition=attachment%3Bfilename%3D%22git-lfs-1.2.0.el_capitan.bottle.tar.gz%22&response-content-type=application%2Fgzip

(I assume this URL is not permanent)

The fetch for this resource is what triggers the certificate verification failure. Unsetting $SSL_CERT_FILE fixes the issue. My assumption here is that the root certificate for that server isn't included in Nix's ca-bundle.crt, though I don't know why that would be.

This is with Nix 1.11.2 on OS X 10.11.5.