We have a failing monitor in the our account.  The customer has updated their cert recently, and it seems that the new root cert is not in the ASM store.  The site certificate verifies fine on a browser.  For now, I have disabled the certificate validation for this site.

How could the cert store used by ASM be updated?  

Release : SAAS

Component :

ASM does not store nor maintain certificates from users.  It is up to the owner of the site to maintain their certificates.  If the user has a specific certificate to use, then the user must upload it to the Monitor themselves. 

Also using online SSL checkers, you can test your site through them and they will tell you if your site's certificate chain has any issues where the certificate is not trusted due to not having a trusted anchor (root cert), a missing intermediate cert, etc.....

https://www.sslshopper.com/ssl-checker.html

https://www.ssllabs.com/ssltest/analyze.html