You will have to import both root and intermediate CAs on the SSL VPN. One of the well know intermediate CA of verisign is expired.
You can also open a case with JTAC to have this fixed.
Please refer the following KB
please mark this post as 'accepted solution' if this answers your question that way it might help others as well, a kudo would be a bonus thanks
Thanks. The real problem was that I loaded the incorrect Intermediate CA when trying to replace the expired one. Once I found the one that matched the Installed Certificate, all was good.