schannel: SNI or certificate check failed: SEC_E_WRONG_PRINCIPAL (0x80090322) - The target principal name is incorrect.

Hello @Maryam Yazdanpour

There is a similar thread over Stack overflow, kindly review this if it helps to answer your query.

https://stackoverflow.com/questions/61940008/curl-35-schannel-sni-or-certificate-check-failed-sec-e-wrong-principal-0x8

Additionally there is a Microsoft article based on the error code you faced, maybe this will help to fix your issue: https://learn.microsoft.com/en-us/troubleshoot/windows-server/active-directory/replication-error-2146893022

Hello Maryam,

Thank you for posting question on Microsoft Windows Forum.

Based on your query of getting the error message "schannel: SNI or certificate check failed: SEC_E_WRONG_PRINCIPAL (0x80090322) - The target principal name is incorrect." when trying clone a repo on your computer.

The possible cause for this error to occur on Windows when Git tries to use the native Windows security layer (Schannel) to validate the SSL certificate of the repository host (like GitHub or GitLab), and it fails. Probably because you are behind a corporate firewall, VPN, or proxy that performs "SSL Inspection" (rewriting certificates), or if your Git configuration is simply clashing with the local network settings.

The suggestion here is to switch the SSL Backend to OpenSSL. As Git for Windows might be configured to use schannel (Windows native) by default. Switching it to openssl highly likely resolves certificate mismatch errors because OpenSSL handles certificates differently than the strict Windows API. Try to follow the below steps.

1. Run the following command in the terminal.
2. git config --global http.sslBackend openssl
3. After running this, try to clone your repo again.

Hope the above information is helpful! If it is. Free feel to hit "Accepted" for benefitting others in community having the same issue too.