Is it the device certificate that is generating the untrusted erorr or is it due to the CA and/or intermediate certicate in the chain being untrusted?   

http://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB40704/ has some steps to follow to determine what is failing in the certificate chain.

If the device certificate has expired then you will need to generate a Certificate Signing request (CSR) and submit it to a Certificate Authority (CA) who will issue a new certificate, see http://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB29002/ for detailed steps.

If the problem is the device certificate chain then you will need to ensure that the CA and intermediate certificates are valid and correct under  System > Configuration > Certificates > Device Certificates >  Intermediate Device CAs , http://kb.pulsesecure.net/articles/Pulse_Secure_Article/KB17134/ has an example for importing a missing intermediate certificate.

Thank you for the links, I dont believe they help with my situation. On our appliance, if I got ot System, Configuration, Trusted Server CAs, I have a Trusted Server CA called ApplicationCA that has expired and is causing the warning that users are about to sign into an untrusted server when signing into the PulseSecure desktop app. There are maybe 100 other CAs in the list that are not expired, I'm not sure if there is something special about ApplicationCA?