Okta Classic Engine | Single Sign-On | Answered | Asked 2021-06-17; last updated 2021-06-21

JeremyH.86309 (Customer) asked a question.

Cisco AnyConnect SAML config error

Hi,

I am attempting to configure Okta SAML authentication on my Cisco ASA. I have done this 3 times on 3 other ASAs with no issue. This time, when I am trying to configure the SSO server SAML, I keep getting an error saying SAML IDP certificate failed.


I have already deleted and re-imported the cert. I also verified it is the same as the other 3 I configured. I have also deleted and recreated the Okta app.


Any idea on what could be causing this or where I could look to identify exactly why it is failing?


Thanks


  • User15730827840579969856 (Vendor Management)

    Cezar here. Please open a ticket with Okta Support so we can take a look at the logs and the flow and troubleshoot the issue.

  • JeremyH.86309 (Customer)

    1. Saying "Open a ticket" is not helpful for the community. It means that when others search for answers to this issue there is no discussion or possible solutions. Very poor service from someone labeled "Employee".
    2. I already had a ticket open and had already tried the "look at the logs/flow etc." with Okta Support. This was no help. There were no Okta logs to inspect because the ASA could not use the Okta certificate to contact Okta. The ASA also did not have helpful logs showing why it failed; it simply shows the config commands I issued. If you had responded with at least the minimum amount of fact-finding questions, you would know that.
    3. For anyone who searches this topic, I was able to resolve it. With Cisco OS being based on Linux/Unix, it is case sensitive. During configuration I ended up with a trustpoint "Okta" and a trustpoint "okta". The no ca-check was applied to one and not the other. I am not sure exactly which caused the SAML IDP certificate fail error: either the one Okta/okta trustpoint not having the no ca-check command, or the fact that there were 2 Okta/okta trustpoints and when the ASA was trying to reach out it had mismatch issues. To fix it I removed both trustpoints completely and recreated the "okta" trustpoint with the no ca-check command included.


    I hope this is helpful for other Okta customers who want to use this community as a problem solving resource rather than just recieve the "Open a ticket" guidance.

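As an added example (not part of the original thread, and not Cisco's or Okta's code), the following Python script lints an ASA running-config for the exact conditions the resolution above describes: trustpoint names that differ only in case, a trustpoint without "no ca-check", and a "saml idp" block whose "trustpoint idp" reference does not match a defined trustpoint name with the same case. The two config fragments, the entity ID and the sign-in URL are constructed placeholders, not values from the post.

```python
import re
from collections import defaultdict

# Constructed ASA running-config fragments (placeholders, not real values).
# BROKEN_CONFIG reproduces the situation from the post: two trustpoints whose
# names differ only in case, "no ca-check" on only one of them, and the SAML
# IdP block referencing the other one.
BROKEN_CONFIG = """\
crypto ca trustpoint Okta
 enrollment terminal
crypto ca trustpoint okta
 enrollment terminal
 no ca-check
webvpn
 saml idp http://www.okta.com/EXAMPLE_ENTITY_ID
  url sign-in https://example.okta.com/app/EXAMPLE/sso/saml
  trustpoint idp Okta
  trustpoint sp ASDM_TrustPoint0
"""

# FIXED_CONFIG matches the resolution: one "okta" trustpoint with "no ca-check",
# referenced by name with matching case.
FIXED_CONFIG = """\
crypto ca trustpoint okta
 enrollment terminal
 no ca-check
webvpn
 saml idp http://www.okta.com/EXAMPLE_ENTITY_ID
  url sign-in https://example.okta.com/app/EXAMPLE/sso/saml
  trustpoint idp okta
  trustpoint sp ASDM_TrustPoint0
"""

TRUSTPOINT_RE = re.compile(r"^crypto ca trustpoint (\S+)\s*$")
SAML_IDP_RE = re.compile(r"^ saml idp (\S+)\s*$")
IDP_TP_RE = re.compile(r"^\s+trustpoint idp (\S+)\s*$")


def parse_trustpoints(config):
    """Map each 'crypto ca trustpoint' name to its list of sub-commands."""
    trustpoints = {}
    current = None
    for line in config.splitlines():
        m = TRUSTPOINT_RE.match(line)
        if m:
            current = m.group(1)
            trustpoints[current] = []
        elif current is not None and line.startswith(" "):
            trustpoints[current].append(line.strip())
        else:
            current = None  # any other top-level command ends the block
    return trustpoints


def parse_saml_idp_trustpoints(config):
    """Map each 'saml idp <entity-id>' block to its 'trustpoint idp' name (or None)."""
    idps = {}
    current = None
    for line in config.splitlines():
        m = SAML_IDP_RE.match(line)
        if m:
            current = m.group(1)
            idps[current] = None
        elif current is not None and line.startswith("  "):
            m = IDP_TP_RE.match(line)
            if m:
                idps[current] = m.group(1)
        else:
            current = None
    return idps


def lint(config):
    """Return a list of findings; an empty list means the config looks clean."""
    findings = []
    trustpoints = parse_trustpoints(config)

    # 1. Names that collide case-insensitively: the ASA treats them as distinct
    #    objects, so a command may have landed on the wrong one.
    by_lower = defaultdict(list)
    for name in trustpoints:
        by_lower[name.lower()].append(name)
    for names in by_lower.values():
        if len(names) > 1:
            findings.append("case-colliding trustpoints: " + ", ".join(sorted(names)))

    # 2. The Okta IdP signing cert is not a CA cert, so the trustpoint needs "no ca-check".
    for name, subcmds in trustpoints.items():
        if "no ca-check" not in subcmds:
            findings.append(f"trustpoint {name}: missing 'no ca-check'")

    # 3. The SAML IdP block must reference a defined trustpoint with exact case.
    for entity_id, tp in parse_saml_idp_trustpoints(config).items():
        if tp is None:
            findings.append(f"saml idp {entity_id}: no 'trustpoint idp' configured")
        elif tp not in trustpoints:
            findings.append(f"saml idp {entity_id}: trustpoint idp '{tp}' is not defined "
                            "(trustpoint names are case-sensitive)")
    return findings


if __name__ == "__main__":
    for label, cfg in (("broken", BROKEN_CONFIG), ("fixed", FIXED_CONFIG)):
        print(label, lint(cfg) or "OK")
```

Run as a script it reports the collision and the missing "no ca-check" for the broken fragment and OK for the fixed one; to check a real box, feed it the text of "show running-config" instead of the embedded fragments.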
This question is closed.