Dave, you are right, background delivery does not work with nsopenssl, there is no easy way to address the problem. The best approach is to deactivate it automatically, when a request comes via SSL.
I was not aware about the flag UseBackGroundDeliveryP, and did some history mining. The flag was introduced by Mannheim in 5.2 (as parameter with code in revision_procs), but then the changes were reverted soon after that, but whoever did the revert missed the flag in the kernel parameters.
It is better to deactivate background delivery automatically in cases where it is known not to work, than to depend on an admin deactivating it manually.
i have made this fix in cvs head, oacs-5-4 and oacs-5-3.