You can check the chain using openssl verify. In Windows the command would be:
openssl verify -CAfile C:\pathtopem\chain.pem -verbose c:\pathtoCerfile\filename.cer
I don't know what the linux equivalent is.
When I ran into this issue, it was because the intermediate cert wasn't included in the chain. Open the cert and look at the sections and make sure your root cert is at the bottom and the vcenter cert is at the top.