Well, taking a step back from sorting your system configuration, is the only problem you are having the failing openssl verify command?
If so, I think you just need a new format for the command. This thread addresses the change required. If I have lost the plot (as they say), please explain.
As an aside, I would avoid using non-standard methods of installing key system components like openssl. As I noted earlier, openssl 1.1.1 is available in EPEL7 as a supported package component. All that is needed is to change the name in any command to openssl11. The link I provided to stackoverflow was for a post by the openssl package maintainer for EPEL7 who further linked to key info about RHEL/Centos. It isn't some random person doing something with unknown goals and implications.
That said, the openssl verify examples shown in the thread I linked to in this post work for me with both openssl 1.0.2k and 1.1.1. Both on an RHEL system with the v1.1.1 coming from EPEL7.