GIT Fails Due To GnuTls

Question

This seems to be a popular question in this forum. My apologies if this is a duplicate, but none of the other questions or solutions have been able to resolve my problem.

Env = Ubuntu 20.04 Server, inside virtualbox,using required wireguard vpn on host.

Problem: My git connections fail due gntls and unfortunately, the GIT CURL command isn't providing a lot of clues as to how to fix it. Here's the output of GIT CURL

# GIT_CURL_VERBOSE=1 git clone https://github.com/some-repo-address.git
Cloning into 'git-openssl-shellscript'...
20:05:54.628701 http.c:664              == Info: Couldn't find host github.com in the .netrc file; using defaults
20:05:54.825592 http.c:664              == Info:   Trying 20.205.243.166:443...
20:05:54.825656 http.c:664              == Info: TCP_NODELAY set
20:05:54.886531 http.c:664              == Info: Connected to github.com (20.205.243.166) port 443 (#0)
20:05:54.914007 http.c:664              == Info: found 387 certificates in /etc/ssl/certs
20:05:54.914267 http.c:664              == Info: ALPN, offering h2
20:05:54.914281 http.c:664              == Info: ALPN, offering http/1.1
20:08:56.281931 http.c:664              == Info: gnutls_handshake() failed: Error in the pull function.
20:08:56.282024 http.c:664              == Info: Closing connection 0
fatal: unable to access 'https://github.com/some-repo-address.git/': gnutls_handshake() failed: Error in the pull function.

Solutions that I have tried:

1. I installed the git ppa and updated to the latest version

2. I tried adjusted proxy settings for my vpn as follows:

   [http] proxy = http://xxx.xxx.xxx.xxx:pppp

(this was useless, as the git curl command shows. I am actually connecting to github)

3. I tried this old script to switch git to openssl, but the script failed (out-dated) https://github.com/paul-nelson-baker/git-openssl-shellscript

4. I installed: apt-get -y install build-essential nghttp2 libnghttp2-dev libssl-dev

Nothing seems to work. Help appreciated.

UPDATE
Based on the questions from @jessehouwing, I providing the following additional information:

What version of git?
Latest git installed via PPA 2.35.1

What version of OpenSSL?
OpenSSL 1.1.1f

Can you curl GitHub.com or does it also fail the handshake?

The output of # curl -v https://github.com is as follows

*   Trying 20.205.243.166:443...
* TCP_NODELAY set
* Connected to github.com (20.205.243.166) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
  CApath: /etc/ssl/certs
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* OpenSSL SSL_connect: Connection reset by peer in connection to github.com:443 
* Closing connection 0
curl: (35) OpenSSL SSL_connect: Connection reset by peer in connection to github.com:443``` 
 
Do you have a potential content inspection firewall/proxy between you and the web (antivirus, corporate)? How are you connecting to the internet? Any VPN in play?


No content inspection per se, but my test server is inside virtualbox, using a host-only adapter for internet access, the host-only network's IP uses IP masquerade to via /etc/ufw/before.rules to access outside internet.  Meanwhile my host machine uses IP masquerade to route all traffic through my wireguard vpn ip address / primary network interface as follows:

-A POSTROUTING -s 10.10.10.8/24 -o wg0 -j MASQUERADE -A POSTROUTING -s 192.168.51.3/24 -j MASQUERADE

Have you tried with a free VPN service like TunnelBear? – 

Not possible.  My current wireguard VPN is required for various reasons.