My guess is that the relevant keyword for the choice of OpenSSL is FIPS. Rusttls doesn’t (or at least didn’t) have that certification, which matters if you are dealing with US government (directly or indirectly). I believe there is an alternative backend (instead of ring) these days that does have FIPS though.

The article on how they built Pingora is a good read too.

NGINX is purely in C, which is not memory safe by design. It is very error-prone to work with such a 3rd party code base. It is quite easy to get into memory safety issues, even for experienced engineers, and we wanted to avoid these as much as possible.

[…]

Since Pingora’s inception we’ve served a few hundred trillion requests and have yet to crash due to our service code. In fact, Pingora crashes are so rare we usually find unrelated issues when we do encounter one. Recently we discovered a kernel bug soon after our service started crashing.

I didn’t develop Rust nor the service, but I can’t help but feel smug when reading that. RIR is quite valuable

CC BY-NC-SA 4.0