diff --git a/apps/s_apps.h b/apps/s_apps.h
index 5d7d158a7d53dc4c81bec8acb22fdeac89f7cb87..6aab0a60b591f4f62bc78f765ad2a6d747c55658 100644
--- a/apps/s_apps.h
+++ b/apps/s_apps.h
@@ -201,4 +201,7 @@ int args_ssl(char ***pargs, int *pargc, SSL_CONF_CTX *cctx,
 int *badarg, BIO *err, STACK_OF(OPENSSL_STRING) **pstr);
 int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx,
 STACK_OF(OPENSSL_STRING) *str, int no_ecdhe);
+int ssl_load_stores(SSL_CTX *ctx,
+ const char *vfyCApath, const char *vfyCAfile,
+ const char *chCApath, const char *chCAfile);
 #endif
diff --git a/apps/s_cb.c b/apps/s_cb.c
index c83687fb0b7d27fa049c8a83b6e7e79b996b684c..aed718b1f648825464425d8d879f9bceba319d51 100644
--- a/apps/s_cb.c
+++ b/apps/s_cb.c
@@ -1671,3 +1671,32 @@ int args_ssl_call(SSL_CTX *ctx, BIO *err, SSL_CONF_CTX *cctx,
 }
 return 1;
 }
+
+int ssl_load_stores(SSL_CTX *ctx,
+ const char *vfyCApath, const char *vfyCAfile,
+ const char *chCApath, const char *chCAfile)
+ {
+ X509_STORE *vfy = NULL, *ch = NULL;
+ int rv = 0;
+ if (vfyCApath || vfyCAfile)
+ {
+ vfy = X509_STORE_new();
+ if (!X509_STORE_load_locations(vfy, vfyCAfile, vfyCApath))
+ goto err;
+ SSL_CTX_set1_verify_cert_store(ctx, vfy);
+ }
+ if (chCApath || chCAfile)
+ {
+ ch = X509_STORE_new();
+ if (!X509_STORE_load_locations(ch, chCAfile, chCApath))
+ goto err;
+ SSL_CTX_set1_chain_cert_store(ctx, ch);
+ }
+ rv = 1;
+ err:
+ if (vfy)
+ X509_STORE_free(vfy);
+ if (ch)
+ X509_STORE_free(ch);
+ return rv;
+ }
diff --git a/apps/s_client.c b/apps/s_client.c
index 2a8861e8bd6fd73fbb7760abb1116593269b2ea0..aebdeaca4126c9057ad3915a55f2df84d26d8e9c 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -581,6 +581,8 @@ int MAIN(int argc, char **argv)
 X509 *cert = NULL;
 EVP_PKEY *key = NULL;
 char *CApath=NULL,*CAfile=NULL;
+ char *chCApath=NULL,*chCAfile=NULL;
+ char *vfyCApath=NULL,*vfyCAfile=NULL;
 int reconnect=0,badop=0,verify=SSL_VERIFY_NONE;
 int crlf=0;
 int write_tty,read_tty,write_ssl,read_ssl,tty_on,ssl_pending;
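Review bot: The new `ssl_load_stores` prototype carries no comment, and its contract is only discoverable by reading the definition in s_cb.c: a NULL CApath/CAfile pair skips that store, the stores are handed to ctx via the `set1` calls and the local copies freed, and the result is 1 on success and 0 on failure. Since two callers in different files now rely on it, a short header comment would help, e.g. `/* Load optional verify and chain-building X509 stores into ctx; a NULL path/file pair leaves that store unset. Returns 1 on success, 0 on error. */`.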
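Review bot: `X509_STORE_new()` can return NULL on allocation failure, and the new `ssl_load_stores` passes the result straight to `X509_STORE_load_locations` without checking it, for both `vfy` and `ch`. The two call sites should be `vfy = X509_STORE_new();` / `if (vfy == NULL || !X509_STORE_load_locations(vfy, vfyCAfile, vfyCApath))` / `goto err;` and the same shape for `ch`, so the failure reaches the existing `err:` cleanup instead of dereferencing NULL. The return values of `SSL_CTX_set1_verify_cert_store` and `SSL_CTX_set1_chain_cert_store` are also discarded; if either fails the function still reports success, so the caller believes its explicitly configured trust store is in effect when it is not, and those should feed `goto err` as well. The `if (vfy)` / `if (ch)` guards before the free calls are harmless but could be dropped if `X509_STORE_free` is NULL-safe in this tree (not visible here).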
@@ -901,6 +903,16 @@ int MAIN(int argc, char **argv)
 if (--argc < 1) goto bad;
 CApath= *(++argv);
 }
+ else if (strcmp(*argv,"-chainCApath") == 0)
+ {
+ if (--argc < 1) goto bad;
+ chCApath= *(++argv);
+ }
+ else if (strcmp(*argv,"-verifyCApath") == 0)
+ {
+ if (--argc < 1) goto bad;
+ vfyCApath= *(++argv);
+ }
 else if (strcmp(*argv,"-build_chain") == 0)
 build_chain = 1;
 else if (strcmp(*argv,"-CAfile") == 0)
@@ -908,6 +920,16 @@ int MAIN(int argc, char **argv)
 if (--argc < 1) goto bad;
 CAfile= *(++argv);
 }
+ else if (strcmp(*argv,"-chainCAfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ chCAfile= *(++argv);
+ }
+ else if (strcmp(*argv,"-verifyCAfile") == 0)
+ {
+ if (--argc < 1) goto bad;
+ vfyCAfile= *(++argv);
+ }
 #ifndef OPENSSL_NO_TLSEXT
 # ifndef OPENSSL_NO_NEXTPROTONEG
 else if (strcmp(*argv,"-nextprotoneg") == 0)
@@ -1157,6 +1179,13 @@ bad:
 goto end;
 }
 
+ if (!ssl_load_stores(ctx, vfyCApath, vfyCAfile, chCApath, chCAfile))
+ {
+ BIO_printf(bio_err, "Error loading store locations\n");
+ ERR_print_errors(bio_err);
+ goto end;
+ }
+
 #ifndef OPENSSL_NO_ENGINE
 if (ssl_client_engine)
 {
diff --git a/apps/s_server.c b/apps/s_server.c
index f9e33e72c29aeebd37c45f526246eebf9042f702..2fd2ec0738279ad4db0d3f7ac9061b5c64616804 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -216,9 +216,6 @@ static int generate_session_id(const SSL *ssl, unsigned char *id,
 unsigned int *id_len);
 static void init_session_cache_ctx(SSL_CTX *sctx);
 static void free_sessions(void);
-static int ssl_load_stores(SSL_CTX *sctx,
- const char *vfyCApath, const char *vfyCAfile,
- const char *chCApath, const char *chCAfile);
 #ifndef OPENSSL_NO_DH
 static DH *load_dh_param(const char *dhfile);
 static DH *get_dh512(void);
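Review bot: The four new s_client options (`-chainCApath`, `-verifyCApath` here and `-chainCAfile`, `-verifyCAfile` in the -908 hunk) are parsed but nothing in this diff adds them to the usage text, so unless that is done elsewhere a user has no way to discover them or to learn how they interact with the existing `-CApath`/`-CAfile`. That interaction matters for the trust decision: both pairs can be given on one command line, and which store ends up being consulted for peer verification is decided later by `ssl_load_stores` and the order of the `-CAfile` handling, neither visible in this hunk. A one-line usage entry per option that states the precedence (e.g. `BIO_printf(bio_err," -verifyCAfile arg - CA file for peer verification, used instead of -CAfile\n");`, adjusted to whatever precedence is actually implemented) would close that gap. The option loop these hunks sit in starts and ends outside the hunk.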
@@ -1057,7 +1054,8 @@ int MAIN(int argc, char *argv[])
 s_server_verify=SSL_VERIFY_PEER|SSL_VERIFY_CLIENT_ONCE;
 if (--argc < 1) goto bad;
 verify_depth=atoi(*(++argv));
- BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
+ if (!s_quiet)
+ BIO_printf(bio_err,"verify depth is %d\n",verify_depth);
 }
 else if (strcmp(*argv,"-Verify") == 0)
 {
@@ -1065,7 +1063,8 @@ int MAIN(int argc, char *argv[])
 SSL_VERIFY_CLIENT_ONCE;
 if (--argc < 1) goto bad;
 verify_depth=atoi(*(++argv));
- BIO_printf(bio_err,"verify depth is %d, must return a certificate\n",verify_depth);
+ if (!s_quiet)
+ BIO_printf(bio_err,"verify depth is %d, must return a certificate\n",verify_depth);
 }
 else if (strcmp(*argv,"-context") == 0)
 {
@@ -3399,42 +3398,3 @@ static void free_sessions(void)
 }
 first = NULL;
 }
-
-static int ssl_load_stores(SSL_CTX *sctx,
- const char *vfyCApath, const char *vfyCAfile,
- const char *chCApath, const char *chCAfile)
- {
- X509_STORE *vfy = NULL, *ch = NULL;
- int rv = 0;
- if (vfyCApath || vfyCAfile)
- {
- vfy = X509_STORE_new();
- if (!X509_STORE_load_locations(vfy, vfyCAfile, vfyCApath))
- goto err;
- SSL_CTX_set1_verify_cert_store(ctx, vfy);
- }
- if (chCApath || chCAfile)
- {
- ch = X509_STORE_new();
- if (!X509_STORE_load_locations(ch, chCAfile, chCApath))
- goto err;
- /*X509_STORE_set_verify_cb(ch, verify_callback);*/
- SSL_CTX_set1_chain_cert_store(ctx, ch);
- }
- rv = 1;
- err:
- if (vfy)
- X509_STORE_free(vfy);
- if (ch)
- X509_STORE_free(ch);
- return rv;
- }
-
-
-
-
-
-
-
-
-
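Review bot: The new `if (!s_quiet)` guard is evaluated inside the option-parsing loop, so it only silences the "verify depth" message when the option that sets `s_quiet` (presumably `-quiet`, handled elsewhere in the same loop and not visible here) appears earlier on the command line than `-verify`; `s_server -verify 2 -quiet` would still print, which is not what a user reading the option names expects. The same applies to the `-Verify` branch in the -1065 hunk. Either print these messages after the loop finishes, when `s_quiet` is final, or record the depth here and emit the message later; if ordering dependence is acceptable, a comment such as `/* -quiet only suppresses this if it precedes -verify */` should say so. The enclosing MAIN option loop starts and ends outside the hunk.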