The typical way I kind of debug this problem is by using OpenSSL client.
Openssl s_client -connect server:443
If this signed by known authorities (read verisign all those folks) you should get a error of 0.
If it is a self signed certificate you would get an error code 19. And on passing in caFile argument you should be able to obtain 0.
And if the client and server use different version of ssl we would have issues.