You can achieve this using OpenSSL. (Mac OSX includes OpenSSL within Terminal.app)
This usually means the implementation of SSL on your server is not correct. The error is usually caused by a server side problem which the server administrator will need to investigate.
Some hosting systems require the Private key to be in RSA format rather than PEM. You can easily convert these files using OpenSSL.
This message is sometimes displayed when accessing an SSL page via a proxy (including our own payment page PayPal).
The only solution is to re-issue your SSL certificate. Your new certificate will be truncated to 39 months and any remaining months will be lost.
If you have lost your certificate, need to move servers or had a problem with the installation then it may be possible to re-issue your certificate at no extra charge providing the common name remains exactly the same.
This means when you generated your CSR request you did not specify the correct 2 digit country code.
This indicates that the certificate needs to be reissued. This is a result of the Browser distrust.
During a SSL/TLS certificate order you may see the option to select SHA256 or SHA256-FULL-CHAIN for the hashing algorithm.
When access a site you may get the above error in Chrome. This is a client side error.