others-How to fix the 'ERR_OSSL_EVP_UNSUPPORTED' error when doing 'npm start' within reactjs application?

1. Purpose

In this post, I would demo how to solve the following issue when using npm start to start a reactjs application:

Starting the development server...

  throw err;

Error: error:0308010C:digital envelope routines::unsupported
    at new Hash (node:internal/crypto/hash:67:19)
    at Object.createHash (node:crypto:130:10)
    at module.exports (/Users/bswen/js-projects/my-app/node_modules/webpack/lib/util/createHash.js:135:53)
    at NormalModule._initBuildHash (/Users/bswen/js-projects/my-app/node_modules/webpack/lib/NormalModule.js:417:16)
    at /Users/bswen/js-projects/my-app/node_modules/webpack/lib/NormalModule.js:452:10
    at /Users/bswen/js-projects/my-app/node_modules/webpack/lib/NormalModule.js:323:13
    at /Users/bswen/js-projects/my-app/node_modules/loader-runner/lib/LoaderRunner.js:367:11
    at /Users/bswen/js-projects/my-app/node_modules/loader-runner/lib/LoaderRunner.js:233:18
    at context.callback (/Users/bswen/js-projects/my-app/node_modules/loader-runner/lib/LoaderRunner.js:111:13)
    at /Users/bswen/js-projects/my-app/node_modules/babel-loader/lib/index.js:59:103 {
  opensslErrorStack: [ 'error:03000086:digital envelope routines::initialization error' ],
  library: 'digital envelope routines',
  reason: 'unsupported',

Node.js v17.1.0
➜  my-app git:(master) ✗ 

The core error message is:

Error: error:0308010C:digital envelope routines::unsupported
 opensslErrorStack: [ 'error:03000086:digital envelope routines::initialization error' ],
  library: 'digital envelope routines',
  reason: 'unsupported',

How to solve this issue?

2. Environment

  • Node.js version: v17.1.0
  • npm version: npm: ‘8.1.2’

3. The solution

3.1 Solution #1

Just execute this from command line:

export NODE_OPTIONS=--openssl-legacy-provider

Then run:

npm start

What is openssl-legacy-provider?

The OpenSSL legacy provider supplies OpenSSL implementations of algorithms that have been deemed legacy. Such algorithms have commonly fallen out of use, have been deemed insecure by the cryptography community, or something similar. We can consider this the retirement home of cryptographic algorithms.

For node.js version v17, it has some claims about this issue:

OpenSSL 3.0

Node.js now includes OpenSSL 3.0, specifically quictls/openssl which provides QUIC support. With OpenSSL 3.0 FIPS support is again available using the new FIPS module. For details about how to build Node.js with FIPS support please see BUILDING.md.

While OpenSSL 3.0 APIs should be mostly compatible with those provided by OpenSSL 1.1.1, we do anticipate some ecosystem impact due to tightened restrictions on the allowed algorithms and key sizes.

If you hit an ERR_OSSL_EVP_UNSUPPORTED error in your application with Node.js 17, it’s likely that your application or a module you’re using is attempting to use an algorithm or key size which is no longer allowed by default with OpenSSL 3.0. A command-line option, --openssl-legacy-provider, has been added to revert to the legacy provider as a temporary workaround for these tightened restrictions.

For details about all the features in OpenSSL 3.0 please see the OpenSSL 3.0 release blog.

3.2 Solution #2

Downgrade your node.js to v16 like this:

$ npm install -g n
$ n 16.13.0

3.3 The reason of the issue

The reason is clear, we are using a old version of SSL algorithm that is no longer supported in new openssl version.

4. Summary

In this post, I demonstrated how to solve the ERR_OSSL_EVP_UNSUPPORTED error when using npm start to start a react.js application, the key problem is the incompatibility between node.js v17 and openssl v3, so the solution is either to workaround the issue by providing a special environment variable or to downgrade your node.js. That’s it, thanks for your reading.