There are issues with the SSL suite of tests that don't directly cause issues with MongoDB but will continue to cost engineer hours when they are dealt with.

1. ca.pem is generally used as the default trusted CA... except sometimes trusted-ca.pem is used. But even in the latter case, suites.yml specifies ca.yml and the associated client.pem, meaning the shell running the tests may not connect correctly, etc.
2. Windows tests use certutil.exe to add certs to the system store then never remove them. This persistence can cause unexpected behavior locally, and requires slowing down evergreen builds by using resmoke_jobs_max: 1 in definitions.yaml to prevent tests from running concurrently
3. Options referencing SSL are widely used when TLS aliases should be used
4. Logging styles are all over the place, even within just this single SSL suite

notes:

certutil.exe -delstore will be useful, it takes a thumbprint as input, thumbprints are in the jstests/libs dir