I believe there's TLS issues with pulling for the current 1.2.0 release. root@horna ~# guix pull substitute: updating substitutes from 'https://guix.cbaines.net'... 100.0% 0.0 MB will be downloaded downloading from https://guix.cbaines.net/nar/lzip/zg72c146skpca45ijvjigqhqgx0mwiny-le-certs-0 ... le-certs-0 4KiB 1.8MiB/s 00:00 [##################] 100.0% Updating channel 'guix' from Git repository at 'https://git.savannah.gnu.org/git/guix.git'... guix pull: error: Git error: the SSL certificate is invalid root@horna ~# wget https://git.savannah.gnu.org/git/guix.git --2021-02-28 11:22:49-- https://git.savannah.gnu.org/git/guix.git Resolving git.savannah.gnu.org (git.savannah.gnu.org)... 209.51.188.201, 2001:470:142:5::201 Connecting to git.savannah.gnu.org (git.savannah.gnu.org)|209.51.188.201|:443... connected. ERROR: The certificate of ‘git.savannah.gnu.org’ is not trusted. ERROR: The certificate of ‘git.savannah.gnu.org’ doesn't have a known issuer. This is probably possible to work around by doing: guix pull --url=http://git.savannah.gnu.org/git/guix.git As the commit signatures are checked, the risk of not using HTTPS should be reduced.