I think it still looks bad in a security audit if you use OpenSSL 1.1.1 with RedHat patches on Windows or Mac. Not sure how much platform specific code is actually there.
Technically not EL, but there are plenty of servers running EL patches on EL-based distros such as Rocky, Alma, Amazon Linux, Oracle Linux, etc.
Some of my clients have only just begun to contemplate upgrading from CentOS 7 to Rocky 8, so I expect to keep seeing OpenSSL 1.1.1 for quite a few years.
