Package fetch issues with internal SSL certificate

I am trying to update julia packages in some environment I don’t fully control. I don’t have administrative access to root certificate store, and I can’t change the network – SSL requests to github are intercepted.

I can fix this with commandline usage of git by telling it to use a given CA certificate for requests to github.com, a la

git config --global http.https://github.com.sslCAInfo /path/to/some/cert

I can then confirm this works by cloning some repos. However, if I enter julia repl and try to instantiate my project, it fails like so:

pkg> instantiate
    Cloning default registries into `~/.julia`
    Cloning registry from "https://github.com/JuliaRegistries/General.git"
ERROR: failed to clone from https://github.com/JuliaRegistries/General.git, error: GitError(Code:ERROR, Class:None, No errors)

I use julia version 1.4.1 however I did try with many versions of julia (including old ones) and am unable to get this to work correctly. Is this something that is known about, and are there any workarounds?

Extra info: 9148 is firewalled off, so I can’t configure it to go via git:// instead. Same with ssh.

For those who might encounter this and don’t know what solution would be:
Julia downloaded as a binary package bundles its own certificate store and ignores the system store.

As of 1.4.2 this was found in ${JULIA_DIR}/share/julia/cert.pem – what you can do is move it out of the way like so
mv ${JULIA_DIR}/share/julia/cert.pem ${JULIA_DIR}/share/julia/cert.pem.bak
and then link system store
ln -s /etc/ssl/certs/ca-certificate.crt ${JULIA_DIR}/share/julia/cert.pem

Last command assumes ubuntu derivatives, on fedora 32 the certstore location is at /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem. Your distribution might differ too.