In my first post about Git I wrote about the problem with non-public CA signed certitificates and how to handle it. I did not mention the easierst (and unsecured) way to handle this, so I write this post to have all possibilities in one place.
Add certificate to truststore
I download the public certificate of the CA from webbrowser and add it to the truststore of Git.
Where is the cert store of git?
git config --system --list
http.sslcainfo={PathToGit}/mingw64/ssl/certs/ca-bundle.crt
To add the non-public CA cert to Git cert store just open ca-bundle.crt and the downloaded certificate with an text editor and copy the content of the certificate to the ca-bundle.
Use Windows Networking Layer
I configured the sslBackend to the Windows Networking Layer:
# use SChannel, the built-in Windows networking layer. This means that it will use the Windows certificate storage mechanism and you do not need to explicitly configure the curl CA storage mechanism. git config --global http.sslBackend schannel
Disable SSL Verify
The easierst and unsecure way is to simply disable SSL validation:
git config --global http.sslVerify false
This also works with the system configuration (--system instead of --global). I did this an a project with a very short time budget, we had to configure Git on the Linux system and this Git installation was used by a Jenkins. Both servers, Git & Jenkins, are in the same corporate intranet.