PCI-DSS 3.1 requires all SSL to only TLS 1.2 so a lot of providers are simply turning everything but TLS 1.2 off. I ran into this type of issue where CURL saw the failure to downgrade handshakes as a failure to verify the SSL certificate. Try finding where your code is doing the CURL call and add this line (be sure to replace $ch with whatever CURL handle your code uses)
curl_setopt($ch, CURLOPT_SSLVERSION, 6); // Force TLS 1.2
