The problem is that you do not have any of Certification Authority certificates installed on your system. And these certs cannot be installed with cygwin’s setup.exe.
Update: Install Net/ca-certificates package in cygwin (thanks dirkjot)
There are two solutions:
- Actually install root certificates. Curl guys extracted for you certificates from Mozilla.
cacert.pem
file is what you are looking for. This file contains > 250 CA certs (don’t know how to trust this number of ppl). You need to download this file, split it to individual certificates put them to /usr/ssl/certs (your CApath) and index them.
Here is how to do it. With cygwin setup.exe install curl and openssl packages
execute:
<!-- language: lang-bash -->
$ cd /usr/ssl/certs
$ curl http://curl.haxx.se/ca/cacert.pem |
awk '{print > "cert" (1+n) ".pem"} /-----END CERTIFICATE-----/ {n++}'
$ c_rehash
Important: In order to use c_rehash
you have to install openssl-perl
too.
-
Ignore SSL certificate verification.
WARNING: Disabling SSL certificate verification has security implications. Without verification of the authenticity of SSL/HTTPS connections, a malicious attacker can impersonate a trusted endpoint (such as GitHub or some other remote Git host), and you’ll be vulnerable to a Man-in-the-Middle Attack. Be sure you fully understand the security issues and your threat model before using this as a solution.
$ env GIT_SSL_NO_VERIFY=true git clone https://github...