Who is OpenSSL and why do they sell expensive support contracts?
It sounds like 1.1.1 is only EOL if you don't pay.
OpenSSL is the dependency for doing TLS and a lot more. It’s effectively one of the only options.
Crypto is hard, and crypto in C is fucking awful. Hence the pricing.
BoringSSL, wolfSSL, LibreSSL, not to mention the various FIPS options.
I think GnuTLS is probably the second most popular TLS library, after openssl.
Though actually, maybe, firefox's NSS is now that I think about it a second more. Firefox is at least some fraction of C-library-based ssl traffic out there.
I'll also mentions s2n and rustls-ffi for completeness as C libraries, though the former isn't widely used, and the latter is very experimental still. https://github.com/aws/s2n-tls and https://github.com/rustls/rustls-ffi respectively.