Looks like the OpenSSL conf (~/opt/stow/openssl-1.0.1c/ssl/openssl.cnf) has a setting for:
certs = $dir/cacert.pem # Certificate chain to include in reply
# (optional)
As a result:
# This works:
$ openssl verify -CAfile ~/opt/ssl/cacert.pem support.slkdesign.net.crt
support.slkdesign.net.crt: OK
# This did **not** work:
$ openssl verify -CAfile CA/ca-bundle.pem support.slkdesign.net.crt
support.slkdesign.net.crt: CN = *.support.slkdesign.net
error 20 at 0 depth lookup:unable to get local issuer certificate