First of all my compliments for your terrific SSL server test tool.
When testing the tool I was wondering which certifcate store is used for testing purposes. To be more specific: when using the test tool I noticed that our Staat der Nederlanden Root CA - G2 appears not to be trusted (e.g. https://sha2.diginotar.nl/ and https://extranet.eherkenning.nl/) even though it is trusted for websites in Mozilla NSS (as per FF version 3.5.9 and 3.6.2) and in the Microsoft Certificate store as from 2/24/2009 (and also in Opera and Mac OS-X).
I see know no other reason(s) why our G2 Root is failing the test especially because our first generation Staat der Nederlanden Root CA is working fine when testing it (e.g. https://applicaties.digid.nl/aanvragen). Apart from the crypto used there is no difference between both Root CAs.
Looking forward to your reaction(s).