The problem is that you do not have any of certificate authority (CA) certificates installed on your system. And these certificates cannot be installed with Cygwin’s setup.exe.
Install Net/ca-certificates package in Cygwin (thanks dirkjot)
There are two solutions:
- Actually install root certificates. The curl guys extracted the certificates from Mozilla for you.
cacert.pem file is what you are looking for. This file contains more than 250 CA certificates (don’t know how to trust this number of people). You need to download this file, split it to individual certificates put them to /usr/ssl/certs (your CApath) and index them.
Here is how to do it. With Cygwin setup.exe install the curl and OpenSSL packages.
Execute:
<!-- language: lang-bash -->
$ cd /usr/ssl/certs
$ curl http://curl.haxx.se/ca/cacert.pem |
awk '{print > "cert" (1+n) ".pem"} /-----END CERTIFICATE-----/ {n++}'
$ c_rehash
Important: In order to use c_rehash you have to install openssl-perl too.
-
Ignore SSL certificate verification.
WARNING: Disabling SSL certificate verification has security implications. Without verification of the authenticity of SSL/HTTPS connections, a malicious attacker can impersonate a trusted endpoint (such as GitHub or some other remote Git host), and you’ll be vulnerable to a man-in-the-middle attack. Be sure you fully understand the security issues and your threat model before using this as a solution.
env GIT_SSL_NO_VERIFY=true git clone https://github…