Who is OpenSSL and why do they sell expensive support contracts?

It sounds like 1.1.1 is only EOL if you don't pay.

OpenSSL is the dependency for doing TLS and a lot more. It’s effectively one of the only options.

Crypto is hard, and crypto in C is fucking awful. Hence the pricing.

BoringSSL, wolfSSL, LibreSSL, not to mention the various FIPS options.

I think GnuTLS is probably the second most popular TLS library, after OpenSSL.

Though actually, maybe Firefox's NSS is, now that I think about it a second more. Firefox is at least some fraction of C-library-based SSL traffic out there.

I'll also mention s2n and rustls-ffi for completeness as C libraries, though the former isn't widely used, and the latter is very experimental still. https://github.com/aws/s2n-tls and https://github.com/rustls/rustls-ffi respectively.