1. What is the issue? Please be detailed.
The SSL certificate for our site expired so we replaced it with a new one. Now we can access ODK Aggregate on the web and everything is secure, but ODK Collect cannot access the server. When user selects 'Get Blank Form' a popup appears saying "Collect can't connect securely to the server at https://. . . ."
2. What steps can we take to reproduce this issue?
?
3. What have you tried to fix the issue?
Uninstalling and reinstalling ODK Collect, rolling back to earlier version
4. Upload any test forms or screenshots below.
Aggregate is no longer being updated and not being supported. We recommend you use Central instead.
As to what is happening here, your best bet is to look at the Aggregate and Tomcat logs. My guess is that your new SSL cert has a root cert that is too new for your Android device.
To confirm, go to https://www.ssllabs.com/ssltest, run a test and check the Handshake Simulation under Configuration to see what devices are supported. Here's what a well-configured server looks like.
Thanks @yanokwa, unfortunately I don't have much of a choice. I inherited this system, don't know much about it, and need to try to make it work for at least the next little bit!
I tried the site you suggested but it was unable to connect, probably due to firewall issues at my organization. Tomcat logs were a bit of a mystery. Where can I find the Aggregate logs? Our Android devices are definitely of various age, but I have a newer Samsung tablet (Galaxy Tab Active 3) running OS 11 and it is suffering the same connection problem.
Ask whomever is responsible for the firewall or whomever provided the certs to help you run the SSL tests.
We were able to solve the issue by creating the intermediate and root certificates and including them in the keystore.
We would be very interested in migrating to ODK Central, but the lack of iOS support is, very unfortunately, a deal breaker for us. 
Maybe that will be on the future roadmap?
Glad you've found a solution.
Central has more iOS support than Aggregate because public access links to forms work in Safari browser on iOS. It's not as powerful as the Collect on Android, but it's worth a try.
That's good to know, thank you!
