With Git bash on Windows 11, I try to `git clone` an Azure DevOps repository, but get rejected with `SSL peer certificate or SSH remote key was not OK`.
I know roughly what it means: the certificate cannot be trusted.
Maybe because the root CA of its certification chain is self-signed by my company.
This is fair, but:
- the certificate of the root company CA is trusted by Windows (both in the `Company Trust` and `Trusted Root Certification Authorities`),
- the ones of the two intermediate CAs (company's services) too (in `Intermediate Certification Authorities`),
- I've even added the leaf certificate to the Windows Trust Store.
Which configuration is missing to make it work?
I know that I could bypass the check with `git config http.sslVerify false` but at least once I'd like to understand why I've never seen a `git clone` over SSL successful in any corporate environment, with every IT documentation mentioning that we must configure `http.sslVerify false`.
I'm pretty sure this is because the issue is not that important on secured corporate networks so nobody cares about it and does not take the time to set up Git and/or the workstation to work with SSL.