Your certifiate has been renewed yesterday, could it be that the problems also started at this date?
www.cchsbc.ca definitely returns a wrong certificate, not sure if this is related to your issue here since the Qualys report was for chat.viulibrary.ca.
It could also very well be that this specific user of yours is going the wrong path and therefore gets this message. What operating system is this user on? There were some modifications necessary to the certificate trust store on Linux f.ex. in order to avoid the expired root CA certificate from Let’s encrypt, but this has been quite some time ago…
It boiled down to removing/commenting the X3 certificate in /etc/ca-certificates.conf and running update-ca-certificates again to update the store.