Enabling Avast Antivirus’ WebShield and then attempting to use the built-in cURL for Windows always results in the following error:
curl: (35) schannel: next InitializeSecurityContext failed: CRYPT_E_NO_REVOCATION_CHECK (0x80092012) - The revocation function was unable to check revocation for the certificate.
The obvious workaround is using the --ssl-no-revoke flag, but this doesnt work for software like git for Windows which relies on cURL for software-updates, forcing me to disable my AV’s WebShield for updates.
This has been a well-known problem for quite some time, any plan on fixing it?
This is rather annoying. And Git for Windows is going to default to using SChannel in the next version for new installs. Which will cause this to happen for all interactions with Git over HTTPS.
A workaround for now is to: echo ssl-no-revoke >> ~\.curlrc in pwsh (PowerShell 7) (Or any config path that cURL reads), to disable SChannel revocation checking, but this is less secure and it is better that such revocation checks will work with Avast properly.
I’m not sure if annoying from Avast is actually monitoring this forum though. Possibly only paid customer support gets any attention nowadays.