Okay, as pointed out in an earlier comment, the self-signed certificate bit is a red-herring.
The failure on maverick looks like it's somehow related to how openssl is attempting to negotiate RFC4507bis session tickets, as running openssl s_client with -no_ticket also works; e.g.: openssl s_client -CApath /etc/ssl/certs -host server.db.kvk.nl -port 443 -no_ticket
Okay, as pointed out in an earlier comment, the self-signed certificate bit is a red-herring.
The failure on maverick looks like it's somehow related to how openssl is attempting to negotiate RFC4507bis session tickets, as running openssl s_client with -no_ticket also works; e.g.: openssl s_client -CApath /etc/ssl/certs -host server.db.kvk.nl -port 443 -no_ticket