There have been many questions asked on this subject but none of them have a definitive answer.
I am developing in Visual Studio 2017 (v15.8.5) on a company network, behind proxy with my Git repositories on Azure DevOps (formally VSTS).
When I try and do anything with the repo (Push/Pull/Sync etc) I am constantly getting errors SSL certificate problem: unable to get local issuer certificate. The error occurs both when using the Team Explorer inside V/Studio or Git commands in a CMD (Administrator) window.
To resolve that problem, most answers where to use Git Credential Manager For Windows, within Got For Windows, so I have now v2.19.1
Now I am getting Failed to receive handshake, SSL/TLS connection failed
If I disconnect from the company LAN and connect to an open WiFi (home, 4G) then everything works absolutely fine, so it is obviously something to do with how Git and my company proxy are communicating with each other.
This is the my global .gitconfig
[user] name = xxxxxxxxx email =
[http] sslcapath = C:/Program Files/Git/usr/ssl/certs sslCAInfo = C:/Program Files/Git/usr/ssl/certs/ca-bundle.crt sslBackend = schannelIf I had hair, I'd pull it out ... Please someone help..
41 Answer
The solution for me was:
set http.schannelcheckrevoke=false (requires git >= 2.19, see )
Please note that schannel uses the "Native Windows Secure Channel library" (in which your IT department also stores your company SSL certificates) and not OpenSSL. Therefore setting sslCAInfo will have no effect AFAIk.
Related Question:
In general: Make sure the http.proxy settings are set correctly. Have you tested them?
Try to clone something with behind the proxy using http.sslVerify=False to rule out that the proxy has a problem.
Note also that VisualStudio uses it's own implemted Git binary. So test first with the command line and make sure that the correct git binary is used (where git and git --version)