Comment 5 for bug 396818

openssl s_client is typically used for testing / verify certificates - as it states in the man pages, this should only be used for testing.

There's no use case that I can see for using s_client without at least one CA certificate. The default behaviour of openssl in fedora is to use the system installed CA bundle, which is what any user would expect. At the very least openssl should warn you that you're attempting to connect without using any CA files.