The issue may not be in fact that the Java does not trust the certificate (with respect to who signed it), but that the certificate installed on as-git-pcrepo.pc.net does not pass a specific check that an underlying library uses which verifies the certificate.
As a part of the upgrade of this library (okhttp), at some point it became no longer possible to verify a certificate with the hostname only declared in the CN.
Hostnames now need to be defined as a SubjectAlternativeName in a certificate.
The certificate will need to be regenerated with the proper SubjectAlternativeName(s) and installed on the as-git-pcrepo.pc.net. Right now it appears to be missing.
java.lang.IllegalStateException: Hostname as-git-pcrepo.pc.net not verified:
certificate: sha256/WZ28jhSF5NSdnStuAhC23xIbGctPIH9+JBATVbR85GM=
DN: CN=as-git-pcrepo.pc.net
subjectAltNames: []