The openssl advertising clause is so obnoxious that if you even say:
Our product has secure connections.
You actually have to do something like:
Our product has secure connections (using OpenSSL copyright x, y, and z, blah blah blah).
Every single time you talk about any feature that relies on what OpenSSL provides. Does everyone do that? Well no, but the license does appear to say exactly that. It is very hard to comply correctly with that license.
It is not just the documentation that has to list the copyrights, or the about info for the application. It's documentation, advertising, discussions of product features, etc.