TFS Build Agent failing to connect to HTTPS git in TFS 2017 when running as service

Question

We are using an internal certificate on our server and I\'ve followed the steps in

https://blogs.msdn.microsoft.com/tfssetup/2016/12/19/error-ssl-certificate-problem-una

Answer 1

I ran into this problem as well. Are you sure you updated the correct custom trust-store? The one in the agent directory \externals\git\mingw64\ssl\certs\ca-bundle.crt ? This seems to be the one that the agent uses nowadays. So even though your system git may be working fine, the agent won't use that and thus won't trust your self-signed SSL cert.

update: if that fails too, you could try running the git.exe in there and setting the sslVerify flag to false, e.g.:

C:\agent\externals\git\cmd\git.exe config --global http.sslVerify false