If that is the case:
1. What does the eclipse software download plugin utilize that is different than what the egit plugin uses (After the nss.cfg modification that works perfectly fine).
2. How can I debug this? I just need some means to start probing, see a stack trace.. anything really. For now I'm stuck
I'm willing to continue looking at this, but am out of ideas as to how to go about finding the problem.
You can try to follow the contributor guide  to debug egit, but I am pretty sure the
problem you are looking for is buried somewhere in OpenJDK and its use of the security provider,
which in your case seems to be nss. If you are cloning over ssh you are using jsch  which itself
probably makes use of some security APIs of the JDK. Similar things happen when you clone