I just had another customer with the same issue, which is very specific to freebsd, and they were able to find a solution. Your mileage may vary but it may help.
They said that it seems like freebsd does not have a “system” to store CA root files. The administrator has to acquire and place the root ca file. They said there is a port in /usr/ports/security/ca_root_nss which will fetch the file for you, but it does not put it in the location that openssl expects. Their solution was to make a symlink from /usr/local/etc/ssl/cert.pem to /etc/ssl/cert.pem for openssl to be able to find the certs. There may be a build option for this or another solution, or there may be a bug why it doesn’t do this itself. They manually created that symlink and it started working for them.
Can you give that a try and see how it goes?