How to setup --tls-ca-file certificate in Windows

First off, I apologize if I’m hammering this forum with a bunch of questions as I try to setup a CI pipeline with Windows. I’m not super familiar with Windows so I suspect these are all just dumb questions. Any help is super appreciated.

I’ve been able to get my gitlab-runner to pull jobs but it returns an x509: certificate signed by unknown authority error when trying to pull artifacts. I’ve looked through the “Self-signed certificates…” Gitlab documentation but I’m not clear on a solution. We are not hosting our own gitlab server nor do we have our own certificate authority.

My impression is the " Specify a custom certificate file" option is our best bet but all of the certificates I’ve generated using openssl or through powershell have returned the same “unknown authority” error when I run gitlab-runner verify

On Windows, how do you generate a trusted certificate? What exactly is necessary to get a Windows gitlab-runner to securely pull artifacts? Is it possible without your own server or CA?