[Solved] error:0308010C:digital envelope routines::unsupported

The error:0308010C:digital envelope routines::unsupported is mainly observed while creating the react application using the Node.JS version 17 or above and using the webpack@4 version.

In this tutorial, we will look at what is error:0308010C:digital envelope routines::unsupported and how to resolve this issue in your application.

What is error:0308010C:digital envelope routines::unsupported?

So today, when we are setting up and running the React project using the latest version of Node.JS 17 or above, we ran into the below issue.

[webpack-cli] Error: error:0308010C:digital envelope routines::unsupported
    at new Hash (node:internal/crypto/hash:67:19)
    at Object.createHash (node:crypto:130:10)
    at BulkUpdateDecorator.hashFactory (/opt/src/node_modules/webpack/lib/util/createHash.js:155:18)
  opensslErrorStack: [ 'error:03000086:digital envelope routines::initialization error' ],
  library: 'digital envelope routines',
  reason: 'unsupported',
  code: 'ERR_OSSL_EVP_UNSUPPORTED'

The error can also occur if you build the application using docker build since it pulls the latest version of Node.JS by default.

This error is because node.js 17 uses OpenSSL3, which has changed code for initialization context of md family (including md4), and this is a breaking change.

We can find more details about the OpenSSL3 upgrade over here.

The Node JS version 17 is not the LTS (Long Term Support), and it is not compatible with the webpack version 4.

How to resolve error:0308010C:digital envelope routines::unsupported?

There are multiple ways to resolve the issue. Let us take a look at each of these solutions.

Solution 1: Add the legacy OpenSSL in package.json

If you still want to use Node.js 17 or above and resolve the issue, you can go to package.json and modify the line.

"start": "react-scripts start"

to

"start": "react-scripts --openssl-legacy-provider start"

Changing this script in package.json makes Node.js use OpenSSL 3 in the legacy mode, which means you are running with known insecure algorithms.

Solution 2: Downgrade Node.JS to Long Term Support(LTS)

The other alternate way is to downgrade the Node.JS to LTS version 16.14.0, to resolve the issue. 

There are various ways to install and use Node.js versions. One of the best ways is to use Node Version Manager to manage multiple node versions.

Step 1: Install the Node Version manager using the below command.

curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash

Step 2: You can install the specific node.js version or just use the below command to install the node.js LTS version.

nvm install --lts

Step 3: Set the node.js to use the latest LTS version using the following command.

nvm use --lts

In the case of the Docker build, you can modify the DockerFile something like this.

...
FROM node:alpine
...

to

...
FROM node:16-alpine3.12
...

Solution 3: Setting openssl-legacy-provider Globally

Setting the NODE_OPTIONS is not a recommended approach, but you can still try this on your local machine as a quick fix.

The same can be tried in the case of the Docker build. All you need to do is add the below line in your DockeFile to resolve the issue.

RUN export NODE_OPTIONS=--openssl-legacy-provider && yarn build && yarn install --production --ignore-scripts --prefer-offline

Conclusion

The error:0308010C:digital envelope routines::unsupported occurs with the Node.js version 17 as it’s not the LTS version, and there is a breaking change in the OpenSSL.

We can resolve the issue by downgrading the Node.js version to LTS (16.14.0) or by modifying the package.json start script to "start": "react-scripts --openssl-legacy-provider start"

7 comments
  1. Very helpful, thank you. Helped me understand my current issue.

    I’d just like to note that LTS stands for “Long Term Support”, not “Latest Stable Version”

Leave a Reply

Your email address will not be published. Required fields are marked *

Sign Up for Our Newsletters

Subscribe to get notified of the latest articles. We will never spam you. Be a part of our ever-growing community.

You May Also Like