diff --git a/demos/scripts/cademo.sh b/demos/scripts/cademo.sh
index 03a5ed92..73796510 100755
--- a/demos/scripts/cademo.sh
+++ b/demos/scripts/cademo.sh
@@ -21,8 +21,9 @@ gmssl reqgen -C CN -ST Beijing -L Haidian -O PKU -OU CS -CN localhost -key encke
 gmssl reqsign -in encreq.pem -days 365 -key_usage keyEncipherment -cacert cacert.pem -key cakey.pem -pass 1234 -out enccert.pem
 gmssl certparse -in enccert.pem
-gmssl certrevoke -in signcert.pem -reason keyCompromise > revoked_certs.der
-gmssl certrevoke -in enccert.pem -reason keyCompromise >> revoked_certs.der
+rm -fr revoked_certs.der
+gmssl certrevoke -in signcert.pem -reason keyCompromise -out revoked_certs.der
+gmssl certrevoke -in enccert.pem -reason keyCompromise -out revoked_certs.der
 gmssl crlgen -in revoked_certs.der -cacert cacert.pem -key cakey.pem -pass 1234 -next_update 20240101000000Z -gen_authority_key_id -crl_num 1 -out crl.der
 gmssl crlparse -in crl.der
diff --git a/src/file.c b/src/file.c
index f9afcd71..c9327a6b 100644
--- a/src/file.c
+++ b/src/file.c
@@ -41,7 +41,7 @@ int file_read_all(const char *file, uint8_t **out, size_t *outlen)
 size_t fsize;
 uint8_t *buf = NULL;
- if (!(fp = fopen(file, "r"))
+ if (!(fp = fopen(file, "rb"))
 || file_size(fp, &fsize) != 1
 || (buf = malloc(fsize)) == NULL) {
 error_print();
diff --git a/tools/certrevoke.c b/tools/certrevoke.c
index 2729c575..8d111026 100644
--- a/tools/certrevoke.c
+++ b/tools/certrevoke.c
@@ -21,7 +21,8 @@ static const char *options =
 " -in pem"
 " [-reason str]"
 " [-invalid_date time]"
- " [-out der]";
+ " -out der"; // on windows, send 0x0a through pipe will be connverted to 0x0d0a
+ // so stdout and pipe is not supported
 static char *usage =
 "Options\n"
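Review bot: In demos/scripts/cademo.sh the two `gmssl certrevoke ... -out revoked_certs.der` calls only yield a two-entry list if `-out` appends to an existing file; the old script made that explicit with `>` and `>>`, and the open mode is not visible in this diff. If the tool opened the file for truncating write, the second call would silently drop the signcert.pem entry and `crlgen` would sign a CRL that omits a certificate revoked for keyCompromise. A comment above the `rm` line such as `# certrevoke -out appends one RevokedCertificate per call; start from an empty file` would record that dependency. `rm -f revoked_certs.der` is sufficient here, since `-r` would recurse if a directory of that name existed.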
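Review bot: In file_read_all (src/file.c), `(buf = malloc(fsize)) == NULL` treats a zero-length file as an allocation failure on platforms where `malloc(0)` returns NULL, and `error_print()` does not distinguish the two cases. If empty files are meant to be readable, `|| (buf = malloc(fsize ? fsize : 1)) == NULL) {` avoids that; if they are meant to be rejected, an explicit `fsize == 0` check would make the intent visible. The function body continues outside the hunk, so how `fsize` is used after the allocation is not shown.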
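Review bot: The rationale for making `-out` mandatory in tools/certrevoke.c is attached as a trailing comment to the last fragment of the `options` string, where it is easy to miss, and it contains a typo (`connverted`). I would move it above `static const char *options` as a block comment, e.g. `/* -out is required: on Windows, 0x0a written to stdout or a pipe is converted to 0x0d0a, which corrupts the DER output */`. The declaration of `options` starts outside the hunk.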
@@ -42,7 +43,7 @@ static char *usage =
 " -invalid_date time The date on which it is known or suspected the certificate became invalid\n"
 " Time in `YYYYMMDDHHMMSSZ` format such as 20221231000000Z\n"
 " The last 'Z' means it is Zulu (GMT) time\n"
-" -out der | stdout Output X.509 RevokedCertificate in DER-encoding\n"
+" -out der Output X.509 RevokedCertificate in DER-encoding\n"
 " This file stores multiple RevokedCertificates, used as input by `crlsign`\n"
 "\n"
 "Examples\n"
@@ -63,10 +64,10 @@ int certrevoke_main(int argc, char **argv)
 int reason = -1;
 time_t invalid_date = -1;
 char *outfile = NULL;
- FILE *outfp = stdout;
+ FILE *outfp = NULL;
 uint8_t *outbuf = NULL;
 uint8_t *out;
- size_t outlen;
+ size_t outlen = 0;
 argc--;
 argv++;
@@ -121,6 +122,11 @@ bad:
 printf("usage: gmssl %s %s\n\n", prog, options);
 goto end;
 }
+ if (!outfile) {
+ fprintf(stderr, "%s: option `-out` missing\n", prog);
+ goto end;
+ }
+
 if (x509_cert_revoke_to_der(cert, certlen, time(NULL), reason, invalid_date, NULL, 0, NULL, &outlen) != 1) {
 fprintf(stderr, "%s: inner error\n", prog);
 goto end;
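Review bot: With `FILE *outfp = NULL;` in certrevoke_main, any `goto end` taken before the output file is opened reaches cleanup with a null stream, so the `end:` block must not call `fclose(outfp)` unconditionally. The new `if (!outfile)` check in the `@@ -121,6 +122,11 @@` hunk is one such path. The `end:` block and the `fopen` of `outfile` lie outside these hunks, so this is something to confirm rather than a confirmed defect; a guard such as `if (outfp) fclose(outfp);` covers it. The open mode should also be checked to be binary (`"wb"` or `"ab"`), otherwise the 0x0a to 0x0d0a translation that the new comment describes would still alter DER written to a file on Windows.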