`RepoBuilder` HTTPS clone of bitbucket.org --> Certificate Error

[nu11ptr]

Using git2 version 0.3.24. I'm trying to clone using a RepoBuilder. Relevant code snippet:

let mut builder = git2::build::RepoBuilder::new();
if let Some(callbacks) = params.make_callbacks() {
    let mut options = git2::FetchOptions::new();
    options.remote_callbacks(callbacks);
    builder.fetch_options(options);
}

let repo = builder.clone(params.clone_url.as_ref(), path)?;
Ok(repo)

This is generic clone code and works against a local Gogs host (using self signed certs - so cert validation is turned off in callbacks). It works for Bitbucket if I disable cert validation, so I know the callbacks are being attached as it also attaches authentication.

Under WSL2 (Ubuntu 20.04) I get this error when I attempt to clone a private repo from bitbucket.org:

Error { code: -1, klass: 34, message: "user rejected certificate for bitbucket.org" }

Under Windows (same host) I get this error:

Error { code: -1, klass: 34, message: "user cancelled certificate check" }

In my RemoteCallbacks if I allow bad certs it works fine, but I really want to validate this cert. Other programs such as git and curl in both WSL2 and Windows are able to use bitbucket.org just fine, so it doesn't seem to be an issue with the root certs in the OS. I've tried both vendored-libgit2 and vendored-openssl to no avail. I'm not quite sure where to look and if this is a bug or a configuration goof on my part. Any guidance appreciated, thx.

[ens-scmeeu]

Any update on this? Would be nice to just confirm this is an issue and not something I'm doing wrong, thx