bogus ssl error on android
Reported by
pdk...@gmail.com,
Sep 29 2016
Issue description
Chromium 54.0.2840.32 (Android 6.0.1) https://m.cyberport.de The URL displays a NET::ERR_CERT_AUTHORITY_INVALID warning. Works fine in Firefox 49 (Android), and Chromium 53.0.2785.116 (Linux).
,
Sep 30 2016
Could you provide net-internals per the instructional link so that we could investigate the issue? https://sites.google.com/a/chromium.org/dev/for-testers/providing-network-details
,
Sep 30 2016
This appears to be the only relevant part.
t=9476 [st=139] SSL_CERTIFICATES_RECEIVED
--> certificates =
t=9477 [st=140] -SSL_CONNECT
--> net_error = -202 (ERR_CERT_AUTHORITY_INVALID)
,
Sep 30 2016
I believe this is Android lacking AIA fetching. See: https://www.ssllabs.com/ssltest/analyze.html?d=m.cyberport.de If it's a server you run, it should be reconfigured to ship the missing intermediate certificate. It appears it needs thawte SSL CA - G2. +estark, I dunno if you have a bug to fold this into.
,
Sep 30 2016
(It's not my server.) If that's the reason, the error message could be improved I think.
,
Sep 30 2016
No, this is not an error message we can improve short of actually implementing AIA fetching, at which point we wouldn't need to show it. With things as they are, the error message is correct. The server is misconfigured and failed to produce a chain which reached a valid certificate authority. It turns out this was because the server failed to produce the missing link in the chain, but we can't know if it's because the server failed to produce such a thing or if such a thing does not exist.
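Added example, not part of the original thread: the failure discussed in the comments above, reproduced offline with the `openssl` CLI. All names, keys and certificates are constructed throwaways, and a client without AIA fetching is modeled by giving `openssl verify` only the trusted root plus whatever the server sent.

```shell
# Constructed demo: root -> intermediate -> leaf, then verify the leaf the way
# a client without AIA fetching would (trusted root + only what the server sent).
make_chain() {  # $1 = empty working directory
  d=$1
  cat > "$d/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[ca]
basicConstraints = critical,CA:TRUE
EOF
  # Self-signed root: the only certificate in the client's trust store.
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$d/ca.cnf" \
    -extensions ca -subj "/CN=Constructed Root CA" \
    -keyout "$d/root.key" -out "$d/root.pem" 2>/dev/null || return 1
  # Intermediate CA, signed by the root.
  openssl req -new -newkey rsa:2048 -nodes -config "$d/ca.cnf" \
    -subj "/CN=Constructed Intermediate CA" \
    -keyout "$d/int.key" -out "$d/int.csr" 2>/dev/null || return 1
  openssl x509 -req -in "$d/int.csr" -CA "$d/root.pem" -CAkey "$d/root.key" \
    -set_serial 2 -days 1 -extfile "$d/ca.cnf" -extensions ca \
    -out "$d/int.pem" 2>/dev/null || return 1
  # Leaf (server) certificate, signed by the intermediate.
  openssl req -new -newkey rsa:2048 -nodes -config "$d/ca.cnf" \
    -subj "/CN=server.example" \
    -keyout "$d/leaf.key" -out "$d/leaf.csr" 2>/dev/null || return 1
  openssl x509 -req -in "$d/leaf.csr" -CA "$d/int.pem" -CAkey "$d/int.key" \
    -set_serial 3 -days 1 -out "$d/leaf.pem" 2>/dev/null || return 1
}

# $2 = "leaf-only": server sent just the leaf (the misconfiguration).
# $2 = "full": server also sent the intermediate, passed as an untrusted helper.
verify_as_served() {
  if [ "$2" = "full" ]; then
    openssl verify -CAfile "$1/root.pem" -untrusted "$1/int.pem" "$1/leaf.pem" >/dev/null 2>&1
  else
    openssl verify -CAfile "$1/root.pem" "$1/leaf.pem" >/dev/null 2>&1
  fi
}

work=$(mktemp -d) && make_chain "$work" || exit 1
for mode in leaf-only full; do
  if verify_as_served "$work" "$mode"; then echo "$mode: chain verifies"
  else echo "$mode: no path to a trusted root"; fi
done
rm -rf "$work"
```

The leaf is identical in both runs; only the presence of the intermediate in the served chain changes the outcome, which is why the fix belongs in the server configuration.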
,
Sep 30 2016
Interesting: Firefox 49 (Linux) also shows an SSL error, unlike on Android.
,
Sep 30 2016
Right, I believe Firefox also doesn't do AIA chasing.
,
Sep 30 2016
,
Oct 2 2016
It appears they noticed it, as the certificate has been replaced.
,
Oct 2 2016
Comment 1 by zhongyi@chromium.org
, Sep 29 2016