X.509 certificate chain on web site has wrong intermediate certs
The certificate chain offered by bugs.otr.im is "transvalid" -- it doesn't have the right intermediate certs to complete the full verification. Most browsers will work around this because they have a cache of other intermediates and they can figure it out, but other clients (like git or wget or gnutls-cli or "openssl s_client") might not be able to do so.
suggests that you probably want the "Gandi Standard SSL CA 2" intermediate cert that has fingerprint 247106a405b288a46e70a0262717162d0903e734, available as the first cert in: https://www.gandi.net/static/CAs/GandiStandardSSLCA2.pem (and attached here).
(from redmine: created on 2015-04-17, closed on 2015-05-24)