> Maybe I am just stating the obvious, but this error seems to be certificate
> related, i think network access is ok, but the certificate cant be
> validated, as no root cert is found.

That was my first clue as well! :)

But looking at other downloaders, only url-fetch has some x509 provisions.  I'm
not too sure about its mechanics however.  For instance, there is this snippet:

--8<---------------cut here---------------start------------->8---
(define %x509-certificate-directory
  ;; The directory where X.509 authority PEM certificates are stored.
  (make-parameter (or (getenv "GUIX_TLS_CERTIFICATE_DIRECTORY")
                      (getenv "SSL_CERT_DIR"))))  ;like OpenSSL
--8<---------------cut here---------------end--------------->8---

But url-fetch is quite complex and I've little time to study it at the moment :p

-- 
Pierre Neidhardt
https://ambrevar.xyz/