Thanks Garret.
I figured it out! Had to add all the intermediate certificates in the cert file provided from CA, in order for android to trust the chain completely. I guess android has higher chain trust demans (TLS 1.3?) than others or something in that manner.
Anyways, issue is resolved 
