You can achieve this using OpenSSL. (Mac OSX includes OpenSSL within Terminal.app)
This usually means the implementation of SSL on your server is not correct. The error is usually caused by a server side problem which the server administrator will need to investigate.
A warning is displayed in the Chrome console window regarding your certificate
This message is sometimes displayed when accessing an SSL page via a proxy (including our own payment page PayPal).
Some hosting systems require the Private key to be in RSA format rather than PEM. You can easily convert these files using OpenSSL.
This indicates that the certificate needs to be reissued. This is a result of the Browser distrust.
If you have lost your certificate, need to move servers or had a problem with the installation then it may be possible to re-issue your certificate at no extra charge providing the common name remains exactly the same.
During a SSL/TLS certificate order you may see the option to select SHA256 or SHA256-FULL-CHAIN for the hashing algorithm.
This means when you generated your CSR request you did not specify the correct 2 digit country code.
The only solution is to re-issue your SSL certificate. Your new certificate will be truncated to 39 months and any remaining months will be lost.