openssl 0.9.8 to openssl 1.0.x CA certificates stop working
You will _not_ have this problem if you completely reinstall everything.
Using a binary linked to libssl 1.x in an 0.9.8 environment will show all certificates as invalid. This is because the root certificates are hashed with a different hash function in 1.x.
You have to download the 1.x distro from openssl.org, Then call the included c_rehash as "c_rehash -n <the certs directory>". You must use the one from the download, not the default one AND make sure the OPENSSL environment variable points to a 1.x openssl binary. Then -n will prevent the old links from beeing deleted, so your 0.9.8 software will continue to operate.