OCSP stapling: open ssl_stapling_file in binary-mode. OCSP response uses the DER format and as such needs to be opened in binary-mode. This only has any effect under Win32.

commit: 92e2a30a7174296abfb29260f67735d62030a55a [log] [tgz]
author: Sergey Kandaurov <pluknet@nginx.com> Wed Apr 03 15:35:39 2019 +0300
committer: Sergey Kandaurov <pluknet@nginx.com> Wed Apr 03 15:35:39 2019 +0300
tree: 76da0425c1983c055db987978d0412eb81ac4cb4
parent: 6d15d261cefeb5da853d22ad9562ea9b2bcd26b1 [diff]
diff --git a/src/event/ngx_event_openssl_stapling.c b/src/event/ngx_event_openssl_stapling.c
index 0bea5e7..7d0a170 100644
--- a/src/event/ngx_event_openssl_stapling.c
+++ b/src/event/ngx_event_openssl_stapling.c

@@ -227,7 +227,7 @@
         return NGX_ERROR;
     }
 
-    bio = BIO_new_file((char *) file->data, "r");
+    bio = BIO_new_file((char *) file->data, "rb");
     if (bio == NULL) {
         ngx_ssl_error(NGX_LOG_EMERG, ssl->log, 0,
                       "BIO_new_file(\"%s\") failed", file->data);
commit	92e2a30a7174296abfb29260f67735d62030a55a	[log] [tgz]
author	Sergey Kandaurov <pluknet@nginx.com>	Wed Apr 03 15:35:39 2019 +0300
committer	Sergey Kandaurov <pluknet@nginx.com>	Wed Apr 03 15:35:39 2019 +0300
tree	76da0425c1983c055db987978d0412eb81ac4cb4
parent	6d15d261cefeb5da853d22ad9562ea9b2bcd26b1 [diff]