Error message "error:0308010C:digital envelope routines::unsupported"

Question

I created the default IntelliJ IDEA React project and got this:

Error: error:0308010C:digital envelope routines::unsupported
    at new Hash (node:internal/crypto/hash:67:19)
    at Object.createHash (node:crypto:130:10)
    at module.exports (/Users/user/Programming Documents/WebServer/untitled/node_modules/webpack/lib/util/createHash.js:135:53)
    at NormalModule._initBuildHash (/Users/user/Programming Documents/WebServer/untitled/node_modules/webpack/lib/NormalModule.js:417:16)
    at handleParseError (/Users/user/Programming Documents/WebServer/untitled/node_modules/webpack/lib/NormalModule.js:471:10)
    at /Users/user/Programming Documents/WebServer/untitled/node_modules/webpack/lib/NormalModule.js:503:5
    at /Users/user/Programming Documents/WebServer/untitled/node_modules/webpack/lib/NormalModule.js:358:12
    at /Users/user/Programming Documents/WebServer/untitled/node_modules/loader-runner/lib/LoaderRunner.js:373:3
    at iterateNormalLoaders (/Users/user/Programming Documents/WebServer/untitled/node_modules/loader-runner/lib/LoaderRunner.js:214:10)
    at iterateNormalLoaders (/Users/user/Programming Documents/WebServer/untitled/node_modules/loader-runner/lib/LoaderRunner.js:221:10)
/Users/user/Programming Documents/WebServer/untitled/node_modules/react-scripts/scripts/start.js:19
  throw err;
  ^

It seems to be a recent issue - webpack ran into this 4 days ago and is still working on it.

Do the workarounds mentioned in that issue link work for you? — Mike 'Pomax' Kamermans, Oct 23 '21 at 23:58
I got the same error from using next js I downgraded my node version and now that error won't show up. — migara, Oct 24 '21 at 05:16
@Mike'Pomax'Kamermans There are no workarounds in the issue by Webpack :/ This is why I asked this question. — a1cd, Oct 25 '21 at 20:19
Yes there are? https://github.com/webpack/webpack/issues/14532#issuecomment-947012063 was posted 6 days ago (and there's lots of followup since then from people asking exactly how to use that, with lots of explanations by several folks). — Mike 'Pomax' Kamermans, Oct 25 '21 at 21:31
@Mike'Pomax'Kamermans my bad! i saw that and thought 'but where' and looked for an answer but only found people asking what i wanted to know. My bad! — a1cd, Oct 25 '21 at 22:57
Using the LTS version of Node (V16) rather than V17 fixed this issue for us. — Janac Meena, Dec 27 '21 at 22:46
I just have this issue and after I revert back to the v16 NodeJS, the error is gone. — Arefe, Mar 26 '22 at 03:33
If you have come here with this error on NodeJS v18.x, the cause is the same. See https://web.archive.org/web/20220412174915/https://nodejs.org/api/crypto.html#support-for-weak-or-compromised-algorithms for details as to the cause, and follow the instructions to enable the OpenSSL legacy provider https://web.archive.org/web/20220416014625/https://nodejs.org/api/cli.html#--openssl-legacy-provider — Drazisil, Apr 28 '22 at 02:47
Have you tried to update to the latest version of webpack? I'm not sure about the cause of this bug, but it was already fixed on the latest version. — Chema, Aug 11 '22 at 11:45
just run the compatible version with the current project nvm exec [v] [npm run dev] || [node app.js] check nvm -h examples — Lazaros Kosmidis, Aug 19 '22 at 06:20
This worked for me: https://stackoverflow.com/a/69691525/3426192 — social, Jan 03 '23 at 23:50
I don't want to hijack the comments section, but I think it's crazy that the top 10 answers recommend downgrading your security or sticking to an outdated node version when for most people facing this issue (and the OP) the solution is simply [upgrading `react-scripts` to >5](https://stackoverflow.com/a/71334532/2525299)! — neo post modern, Feb 24 '23 at 17:12
@neopostmodern, for I was not using `react-scripts` and I am using node v18. I did not downgrade, but rather only ran `export NODE_OPTIONS=--openssl-legacy-provider` (as the second point in @Ajoy Karmakar's answer) was enough to resolve the problem. — awdk, May 18 '23 at 04:49
@awdk But how is this not "downgrading your security", as I expressed? — neo post modern, May 19 '23 at 08:02
hey @neopostmodern, yeah it seems it was "deemed insecure by the cryptography community" and then you're about it for production applications (code that actually is executed in a real environment) I just replied your comment given that you ended it saying "the solution is simply upgrading react-scripts to >5!" and in my case I'm not even using react-scripts but rather I had to run integration tests and I was getting such error (described in the question). So, in my case I was glad to temporarily change the node options so I could run it :) but yeah, you're right about production apps — awdk, May 22 '23 at 00:42
@neopostmodern, sometimes projects can't be easily upgraded, sometimes there are budget or time constraints, etc. Downgrading is, sometimes, the way to go. Not everything is perfect or easy. — osiris, Jun 30 '23 at 15:10
I'm not trying to argue that real-world constrains or setups without `react-scripts` don't exist, but they can't possibly reflect/justify the current order of answers. I'd expect those to be "In case the obvious solution doesn't work, try these workarounds" kind of answers you get when you scroll down. — neo post modern, Jul 01 '23 at 16:21

score 2181 · Answer 1 · edited Jan 26 '23 at 06:48

2181

You can try one of these:

1. Downgrade to Node.js v16.

You can reinstall the current LTS version from Node.js’ website.
You can also use nvm. For Windows, use nvm-windows.

2. Enable legacy OpenSSL provider.

On Unix-like (Linux, macOS, Git bash, etc.):

export NODE_OPTIONS=--openssl-legacy-provider

On Windows command prompt:

set NODE_OPTIONS=--openssl-legacy-provider

On PowerShell:

$env:NODE_OPTIONS = "--openssl-legacy-provider"

Reference

edited Jan 26 '23 at 06:48

Roj

995
1
8
22

answered Oct 24 '21 at 18:44

Ajoy Karmakar

22,555
3
10
12

19

where do i put this? – a1cd Oct 25 '21 at 20:13
2

@Evergreen you have to define the variable when you are building --> in your npm run command (you can use export, SET or cross-env depending on your OS) – Alexy Oct 28 '21 at 07:23
47

For me this command fails `/usr/local/Cellar/node/17.0.1/bin/node: --openssl-legacy-provider is not allowed in NODE_OPTIONS` – Ben Winding Nov 13 '21 at 04:30
1

what about ```docker run --rm -v $(pwd):/usr/src -w="/usr/src" node:latest export NODE_OPTIONS=--openssl-legacy-provider && yarn build``` /usr/local/bin/docker-entrypoint.sh: 11: exec: export: not found @ajoy-karmakar – Hamid Shariati Nov 14 '21 at 06:12
Worked for me, windows 10 using gitbash terminal (with the unix commands option enabled during installation) – Kiee Nov 15 '21 at 13:37
32

This solution is not recomended, try to uninstall Node.js version 17+ and reinstall the Node.js version 16+. – Abdul Basit Rishi Nov 24 '21 at 08:30
17

did `set NODE_OPTIONS=--openssl-legacy-provider` It's giving the same error – Zeeshan Ahmad Khalil Nov 25 '21 at 20:57
@AbdulBasitRishi This worked well, thank you for posting. It seems like a very telling solution... is this an issue buried within the newest Node version or is it just incidental that reverting to the older version solves it? – formula-hunter Nov 29 '21 at 20:10
Hi, please edit this and add windows command --> set NODE_OPTIONS=--openssl-legacy-provider. Thank you! – kame Jan 11 '22 at 13:33
2

For many using Linux doing a simple `export NODE_OPTIONS=--openssl-legacy-provider` is not a very efficient solution. Once your terminal session ends that change goes away. If you wanted to make this permanent you'd have to add it to something like ~/.bash_profile or ~/.bashrc. Regardless, as mentioned by others I think setting an environment variable to work around the problem feels a bit hacky. Better to revert to LTS version of node in my opinion. – Jake Killpack Jan 29 '22 at 20:19
2

I've this problem with node 16.13.2 – titusfx Feb 19 '22 at 18:39
9

Downgrading to 16.13.0 is not enough, and it still won't let you use `--openssl-legacy-provider`. To use this parameter, you must be on v17 and up, and the parameter must be placed inside your `package.json`, it won't allow you to just place it in the `NODE_OPTIONS` env var for security reasons. And then it still doesn't work. This will only become a bigger problem as more people move onto the v16 LTS as a lot of projects still depend on Webpack 4 – Maxim Therrien Feb 27 '22 at 23:21
I'm using `nvm`, so I just switched versions to: `16` and it worked perfectly. It wasn't required for me to define the SSL env variables. – Felix Aballi Apr 05 '22 at 19:48
How did you switch versions? – Erick Adam Apr 25 '22 at 20:34
Please go through the answer again. I have updated the answer. – Ajoy Karmakar Apr 26 '22 at 07:27
If you use multiple versions of node, it's best to use nvm and uninstall node all together. Then use node version manager to install the latest version using `nvm install lts && nvm use lts` – Quan Truong May 26 '22 at 02:02
4

On PowerShell, `$env:NODE_OPTIONS = "--openssl-legacy-provider"`. Upgrading to 18.4.0 didn't help. – ggorlen Jun 18 '22 at 01:14
4

On Mac Monterrey, this env. variable mentioned in the answer solved it: `export NODE_OPTIONS=--openssl-legacy-provider` – Timo Jun 21 '22 at 08:10
3

The answer by @rob-juurlink was the only one which was feasible for me https://stackoverflow.com/a/72219174/7583539. It does not require downgrading nodejs nor does it require updating all the underlying webpack stuff etc nor does it require the `--openssl-legacy-provider` flag. It targets the root problem (dropped support for MD4 in OpenSSL 3) and fixes it in a reasonably elegant manner. – Septatrix Jul 06 '22 at 17:50
3

**WARNING: WARNING: WARNING: WARNING: WARNING: WARNING: WARNING: WARNING: If you use the `yarn` tool, it will default to `/usr/bin/node` and won't properly follow your `PATH`. I wasted an HOUR downgrading my Node to all kinds of old versions via the `n` tool. I still kept getting the error. Finally I uninstalled the distro's `nodejs` package and NOW Yarn realizes I want to be using the `n` version in `/usr/local/bin/node` instead. The error is fixed. There is probably a way to tell Yarn which Node version to use but I had just assumed it would figure that out from `PATH`, meh.** – Mitch McMabers Aug 21 '22 at 00:56
1

I get `/usr/bin/node: --openssl-legacy-provider is not allowed in NODE_OPTIONS` on Fedora 35. – Luke Hutchison Sep 08 '22 at 04:52
Adding `export NODE_OPTIONS=--openssl-legacy-provider` to Home/.zshrc (MAC / Linux Manjaro or any other distro with Zsh) will avoid putting it every time – Sebastian Oscar Lopez Oct 05 '22 at 19:45
combining the two options worked for me – younes zeboudj Oct 11 '22 at 11:32
2

`echo 'export NODE_OPTIONS=--openssl-legacy-provider' >> ~/.zshrc` works for me. Don't forget to reopen terminal – Youth overturn Nov 04 '22 at 17:08
This solution is not recomended, try to uninstall Node.js version 17+ and reinstall the Node.js version.. – Ricko.. Nov 07 '22 at 13:41
this actually, helped me for my project that's been lasting for months. However, I feel it's not the best way as I can't install any dependency for my newly created project. – Mukhriddin Shakhriyorov Dec 06 '22 at 11:44
Consider the warnings in this - https://stackoverflow.com/a/73027407/1459653 - answer before doing this. – Mark Gavagan Jan 11 '23 at 18:42
if you are doing above steps, above error will solve. but new error will comes Line 6: 'React' must be in scope when using JSX react/react-in-jsx-scope – MUHAMMAD SHAHID RAFI C P Jan 12 '23 at 10:57
you can change npm run start in package.json: "start": "react-scripts --openssl-legacy-provider start", that works as well and doesn't require you to change node versions – Gerrit B Jan 19 '23 at 22:03
This is not a solution, it's the opposite of a solution! This will take away all the benefits of upgrading to a new version with all its security updates. Please don't do this! The real solution is no where to be found so far! – Madhusudhan Jan 24 '23 at 09:34
No need to downgrade. I'm using node.js 18 with project built with probably node 14. Injecting the parameters into your start script only fixed the issue for me. – Timothy Gonzalez Jan 25 '23 at 15:17
I added the following line to my `.zshrc` file and then restarted my session: `export NODE_OPTIONS=--openssl-legacy-provider` – Tomisin Abiodun Feb 26 '23 at 13:01
If the project has other dependencies that relies on the React version you are currently in, then no need to downgrade. just add the '''--openssl-legacy-provider start''' to the react-scripts start. – Lakindu Kariyawasam Mar 07 '23 at 09:08
This worked for me. I didn't try it sooner because I though since 18 is LTS, it shouldn't require downgrading. Why is this STILL an issue? – L_7337 Mar 07 '23 at 21:48
found that only version 16.13.0 working in this case – sourabh kaushik Mar 10 '23 at 14:17
Downgrading worked for me (`nvm install 16 && nvm use 16`)! – szachy113 Mar 14 '23 at 09:12
For me `set NODE_OPTIONS=--openssl-legacy-provider` was all I had to do. No downgrading needed. – Dean Koštomaj Mar 14 '23 at 14:24
It's fairly recent, but Storybook 7.x release candidate has been released. It's built on newer versions and doesn't suffer this issue. You could attempt an upgrade to it: https://storybook.js.org/docs/7.0/react/get-started/install – Lance Gliser Mar 22 '23 at 20:07
I was on node 19 but then downgrading to 16.18.1 helped me fix the issue. – shaangon Apr 07 '23 at 09:30
I had this issue when using `webpack-dev-server`, and using `nvm` to downgrade Node from v19 to v16.20.0 solved it. Thanks buddy! – Asker Apr 07 '23 at 22:12
In my Mac, `export NODE_OPTIONS=--openssl-legacy-provider` fix the problem. – Zhou Haibo Apr 18 '23 at 05:54
I have Windows. I typed the special command for Windows in the command line, but I still got an error. I ran the command for Linux in git bash and the problem was solved! – nekooee Jun 06 '23 at 15:04
I encountered this issue in my Windows 10 with `node v18.16.0`. The `set NODE_OPTIONS=--openssl-legacy-provider` fixes the issue for me. – daparic Jun 21 '23 at 02:33
`nvm use 14.21.2` solved my issue – napi15 Jul 18 '23 at 16:32
So, how can I undo "set NODE_OPTIONS=--openssl-legacy-provider"? – Arshaan Jul 24 '23 at 04:08
On **Windows** when working on a **Preact** project I needed to modify the `"scripts"` section in the **package.json** from `"dev": "preact watch",` to `"dev": "set NODE_OPTIONS=--openssl-legacy-provider && preact watch"`. It could be similar for React projects. – Nick Jul 25 '23 at 08:20
Downgrading alone worked for me on Mac. Thank you – Vinod Jayachandran Aug 01 '23 at 11:39
i used it without `--` and my app works with node 16.20.1; `cross-env NODE_OPTIONS=openssl-legacy-provider ...` – dkocich Aug 07 '23 at 07:51
I'm using Mac and `export NODE_OPTIONS=--openssl-legacy-provider` worked for me. – L ' Labradon Aug 08 '23 at 11:39
I had this error when running a legasy angular app in windows. I use a dos batch file to launch the app, so just added this before the `ng server` command: ```set NODE_OPTIONS=--openssl-legacy-provider``` – Jake v1 Aug 15 '23 at 01:04
`export NODE_OPTIONS=--openssl-legacy-provider` doesn't work with `node` below `18` – Chaki_Black Aug 29 '23 at 16:58

score 967 · Accepted Answer · edited Oct 26 '21 at 18:02

967

In your package.json: change this line

"start": "react-scripts start"

to

"start": "react-scripts --openssl-legacy-provider start"

edited Oct 26 '21 at 18:02

a1cd

17,884
4
8
28

answered Oct 25 '21 at 19:45

Srujan

10,178
1
8
2

122

but note that `--openssl-legacy-provider` means you are now almost certainly [running with known insecure SSL](https://www.openssl.org/docs/manmaster/man7/OSSL_PROVIDER-legacy.html), so this might mitigate the symptom, but it probably doesn't fix the underlying problem. – Mike 'Pomax' Kamermans Oct 25 '21 at 21:29
7

But of cause, this is acceptable when running localhost. In the newly released VS 2022, starting a react-app from scratch, having VS 2022 creating a self-signed certificate for you, still causes the sample project to crash. This is also an issue when creating a react-project from scratch using NPM commandline "npx create-react-app react-core-test". I testet this in two distinct environments runnin WIndows 10 and Windows 11. – Thomas Williams Dec 03 '21 at 10:29
2

See Ashok's answer. It's the correct solution to keep SSL working without vulnerabilities and it worked for me. – Skystrider Dec 06 '21 at 19:53
28

I don't understand the implication that, somehow, using node 16 with openssl 1.x would be more secure than using node 17 with openssl 3 in legacy mode. OpenSSL made something stricter in v3. You're either defeating that restriction one way, or the other. Both approaches are probably equally insecure. – kojiro Dec 08 '21 at 16:58
1

https://nodejs.org/en/blog/release/v17.0.0/ – Stephane Jan 06 '22 at 23:12
6

This has been solved in react-scripts 5: https://stackoverflow.com/a/71334532/2525299 – neo post modern Mar 03 '22 at 09:11
1

thanks, adding this parameter worked in my latest node version. I am impressed how node / react related commands keep breaking months after we create a solution and try to maintain it. – Junior Mayhé Apr 19 '22 at 19:28
Thanks, I had to modify similarly in my nextjs app "dev": "cross-env NODE_OPTIONS=\"--openssl-legacy-provider\" node server.js", – Omer S Oct 03 '22 at 09:43
1

Thanks! This worked like charm. But this means the project is somewhat insecure. – Lakindu Kariyawasam Nov 06 '22 at 23:29
In case anyone found this while working on a React Native project and attempting to build through XCode (likely on an M1 Mac), you can add this node arg in `node_modules/react-native/scripts/react-native-xcode.sh`. Mine was found at line `103`, but of course that may vary based on versions, &c. I just updated the line to read: `[ -z "$NODE_ARGS" ] && export NODE_ARGS="--openssl-legacy-provider"` and I was instantly back in business. Note that this may well be overwritten after each `npm install` or `yarn` run, and would likely be ignored by your version control as it lives in `node_modules`. – kevincoleman Nov 12 '22 at 06:58
what I need to change in case ReactNative? – CodeBy Dec 20 '22 at 11:26
This doesn't work for Webpack. – Chizl Mar 21 '23 at 16:45
Worked for me, so hacky or not, this is the goto solution for anyone wanting to try out some react project with this problem. – Rareform Apr 12 '23 at 18:10
2

I needed to do a `npm audit fix --force` first to get this working. – theking2 May 10 '23 at 13:07
My issue solved and thanks! – Sankalpa Wijewickrama Jul 20 '23 at 15:23

score 887 · Answer 3 · edited May 11 '23 at 15:26

887

Danger

This question has more than 30 answers, most suggesting to either downgrade Node.js to pre v17 or to use the legacy SSL provider. Both of those solutions are hacks that leave your builds open to security threats.

Reason For The Error

In Node.js v17, the Node.js developers closed a security hole in the SSL provider. This fix was a breaking change that corresponded with similar breaking changes in the SSL packages in NPM. When you attempt to use SSL in Node.js v17 or later without also upgrading those SSL packages in your package.json, then you will see this error.

The Correct (safe) Solution (for npm users)

Use an up-to-date version of Node.js, and also use packages that are up-to-date with security fixes.

For many people, the following command will fix the issue:

npm audit fix --force

However, be aware that, for complex builds, the above command will pull in breaking security fixes that can potentially break your build.

Note for Yarn users

Yarn users can use yarn-audit-fix which can be run without installing as a dependency via

npm_config_yes=true npx yarn-audit-fix

A less heavy-handed (also correct) solution for Webpack

In your Webpack config, set either of the following: (See the ouput.hashFunction docs)

A. (Webpack v5) Set output.hashFunction = 'xxhash64'. B. (Webpack v4) This will depend on what hash algorithms nodejs supports on your system. Some common options you can try are output.hashFunction = 'sha512' or output.hashFunction = 'sha256'.

See more info in Greg's answer.

edited May 11 '23 at 15:26

Peter Mortensen

30,738
21
105
131

answered Jul 18 '22 at 19:07

David

13,133
1
30
39

15

`npm audit fix --force` is the only thing that worked for me, but I also had to upgrade all package dependencies in my project first: https://nodejs.dev/en/learn/update-all-the-nodejs-dependencies-to-their-latest-version/ – Luke Hutchison Sep 08 '22 at 05:16
2

I was unable to run an `npm audit fix` because I am using a proxy that doesn't support it. An alternative was to do an `npm audit --regsitry=https://resgistry.npmjs.org` and manually inspect the packages to find the offender (in my case `elliptic`). Look for `Use of a Broken or Risky Cryptographic Algorithm`. Then manually update that package to a non-offending version. – MichaelM Sep 16 '22 at 14:42
@LukeHutchison probably upgrading the packages is what fixed it, not the audit... – vanowm Oct 08 '22 at 21:41
8

@vanowm, the `audit fix --force` upgrades packages in a more heavy-handed way than a regular upgrade. The `--force` flag upgrades even breaking changes, which is what many (perhaps most?) of us who have this problem need to fix the problem (unless using the less heavy-handed option mentioned in Greg's answer). – David Oct 09 '22 at 22:28
7

@David, in my case using `npm update` what fixed it, the `npm audit fix --force` prior that did nothing...just saying. – vanowm Oct 15 '22 at 11:31
51

Thank you for the actually sane answer, David. I'm shocked at the number of answers that suggest downgrading node. – Carson McManus Nov 02 '22 at 17:17
1

Guys please use `npm audit fix --force` this works and other options are not safe if you are working on big project – Romil Jain Nov 19 '22 at 10:49
3

This solution did absolutely nothing to help me - either the "correct safe solution" or the "less heavy handed solution" - it just wasted my time and I got exactly the same error message after trying these fixes. – Julius Goddard Dec 19 '22 at 16:42
2

npm audit fix --force COMPLETELY BREAKS MY PROJECT! DAMN – CodeBy Dec 20 '22 at 11:31
1

Yes, it is important to reiterate, *this fix can break your build*. Be aware before trying this heavy-handed fix. The needed security updates are *breaking* changes. – David Dec 20 '22 at 17:47
1

@JuliusGoddard, I agree. I am just learning React, following a course released 3 months ago (so relatively up-to-date). I have no idea what any of this is about. But I had 72 audit errors before running npm audit fix --force, and I have 72 errors after. Nothing is fixed. When I tried adding `output.hashFunction = 'xxhash64'` to my webpack.config.js file (which was not easy to find, BTW), I received this error message: `(node:12080) [DEP0111] DeprecationWarning: Access to process.binding('http_parser') is deprecated. ... output is not defined` – Todd Hoatson Dec 22 '22 at 12:48
2

@Todd Hoatson I know... the solution is like "don't listen to anyone else, our answer is the best" and it doesn't do anything and screws up people's projects. – Julius Goddard Dec 22 '22 at 14:15
Hi @David, thanks for your insight. The Webpack configuration you offer seems to only work for v5. I'm using Webpack 4 (Nuxt 2) and output doesn't seems to be a rules property. Any advice to do the same configuration with v4 please? – Claire Jan 05 '23 at 12:17
Hi @Claire, I have edited with some helps for webpack v4. What works for webpack v4 will depend some on what hash functions your system supports, so some people may need to experiment to find an appropriate option. Hope that helps! – David Jan 05 '23 at 16:07
1

@LukeHutchison the link is dead, did you mean [this](https://docs.npmjs.com/updating-packages-downloaded-from-the-registry) – Timo Jan 09 '23 at 13:16
7

If you're using YARN, you'll need to use npm to use this fix, here is some documentation that helps: https://stackoverflow.com/a/60878037/2391795 – Vadorequest Jan 09 '23 at 16:51
2

For me, using `npm i --package-lock-only` (because I was using yarn) and then using `npm audit fix --force` got me from 28 vulnerabilities to 0, so I'd assume that this answer can work. (and can fail, as the author pointed out) – Vadorequest Jan 09 '23 at 16:53
BUT then I had to randomly upgrade all my packages and then my build finally worked. So, I guess that besides the npm auto fix, some packages were needing an upgrade, too, but I couldn't know which ones. – Vadorequest Jan 09 '23 at 17:00
I'm experiencing the same issue for a Laravel project with webpack.mix.js. Unfortunately none of the options work, and I find it odd that almost everyone suggests downgrading Node. I attempted `npm audit fix`, then executed `npm audit fix --force` which can be a bit more destructive based on project dependencies. Unfortunately the ladder command then broke the project build. Thank you for the suggestions however. – Pegues Jan 15 '23 at 00:54
None of these worked. – George Xavier Jan 15 '23 at 09:33
This fix was a breaking change - it made my day! – dswiecki Mar 08 '23 at 13:52
npm audit fix --force breaks everything I have, every time I use it. Nothing will build. I can start from scratch with create-react-app and that command will break it as well. Need a npm fix audit fix --force first. ha – Chizl Mar 21 '23 at 16:48
3

yarn users can use `yarn-audit-fix` package, it worked for me in terms of fixing audit errors but didn't fix the issue with SSL unfortunately, – TheSaGe Mar 29 '23 at 08:25
People, welcome to the land of JS development. Yes, there are complicated dependencies. If you're not willing to work with them and are happy to live with security holes, please get out of this field. – Snap E Tom Apr 07 '23 at 23:06
If I build an Angular app using "ng build", this "--openssl-legacy-provider" option fixes the build problem (it appeared after Node.js has been upgraded to v18). The generated app is served statically as transpiled js files. Does using this option pose any security thread in this case? – tequilacat Apr 14 '23 at 14:39
Security at the expense of usability, comes at the expense of security :) – Ondrej Svejdar Apr 26 '23 at 11:49
`npm audit fix --force` worked for me. – joseluke May 08 '23 at 10:08
I don't know what webpack use hashFunction to do, but I doubt there's any real word security issue, as in [hashFunction](https://webpack.js.org/configuration/output/?_sm_au_=iVVPr5FsL2wWHrF5qQ2QvKH12pCN0#outputhashfunction)'s documentation itself, it says "You can provide a non-crypto hash function for performance reasons." So I can hardly agree with "Both of those solutions are hacks that leave your builds open to security threats." – pu.guan May 24 '23 at 23:53
`npm audit fix --force` fixed my issues too. – Karol Jun 01 '23 at 14:27
1

Thank you for a sane answer. The number of javascript developers that perpetuate this nonsense is utter insanity. – Derek Adair Jun 10 '23 at 11:38
`openssl list -digest-algorithms` can check what algorithms can digested for webpack v4 – Jaeho Lee Jun 19 '23 at 04:42
For me, simply doing `pnpm update` fixed the error, without force – JohnF Jul 11 '23 at 08:28
Thanks. "npm audit fix --force" worked for me only. – koredalin Jul 14 '23 at 10:39
`npm audit fix`, without force option, worked for me. Thank you for the hint ;) – fabienbranchel Jul 20 '23 at 07:51

Ashok Bhobhiya · Answer 4 · 2022-02-01T15:52:08.497

261

If we use the current LTS version of Node.js then this error will not come. Downgrade your Node.js version to the current LTS version (16.13.0).

There can be multiple ways to install the required version. One of them is using nvm (Node.js version manager).

Step 1: Install nvm (if not installed, follow Install Node.js Locally with Node Version Manager (nvm))
Step 2: nvm install 16.13.0 (or lts)

edited Feb 01 '22 at 15:52

answered Oct 27 '21 at 02:50

Ashok Bhobhiya

2,840
1
6
8

39

but... why is the new version incompatible with old code? node is one of the biggest programming tools in the world, they wouldn't just create a new version of nodejs that wasn't backwards compatible (i guess they would because they did but you get my point) – a1cd Oct 31 '21 at 19:25
2

Forceful downgrade – Emmac Nov 12 '21 at 12:15
Thanks, It's great. It worked well after uninstalling nodejs version 17.1.0 and reinstall nodejs version 16.13.0. – Son Cao Nov 18 '21 at 13:51
15

Always use LTS for real applications, it fixed the issue. – Krishnadas PC Nov 20 '21 at 05:42
solved after downgrade NodeJs from version 17 to version 16 LTS. – Ayman Al-Absi Dec 07 '21 at 18:37
4

Is the new LTS after 16 supposed to revert back to old SSL? I am assuming the problem will be the same, just deferred until later, and using LTS 16 is a temporary solution. – trusktr Dec 21 '21 at 04:24
Worked for me, instead of typing the version use `nvm instal lts` and `nvm use lts`. – José Tomás Tocino Dec 26 '21 at 02:49
This was messing me up too. I had multiple versions installed including v17.2.0. It's best to uninstall versions that are not LTS: `nvm uninstall v17.2.0` – Ian Newland Jan 18 '22 at 02:53
2

https://nodejs.org/en/about/releases/ and https://render.com/docs/node-version seem like they'll be helpful for me. – Ryan Feb 22 '22 at 19:38
1

"I have a Node problem that is.." - "Don't care! Downgrade it". I suggest to create a version number like v1000 and every release the major version decrease. So the best release will be smaller version. Until we reach v0.0 – Magno C Oct 05 '22 at 01:24
50

From today Node 18.12.0 is LTS, so I think a downgrade is not a valid strategy anymore :-( – Arek Oct 26 '22 at 12:17
7

So if Node v18 is now LTS, what's the solution now? – Paul Razvan Berg Dec 12 '22 at 15:01
I'm also getting this error when creating a nuxt app and I've just downgraded to version 16.13 https://nodejs.org/en/blog/release/v16.13.0/ Note: I am only using this for testing purposes – aworkinghuman Dec 17 '22 at 14:56
3

Someone said: **Always use LTS for real applications, it fixed the issue.** I upgraded to the latest LTS `Node.js 18.13.0` (See https://nodejs.org/en/download/releases/), and it did not fix this issue. I then tried `npm audit fix --force` which fixed the issue. When I ran diffs to see what was updated it was `react-scripts: "^5.0.1"` (previously it was 3.4.0). One of the answers said the fix was to use react-scripts version 5. – PatS Jan 31 '23 at 23:05

score 85 · Answer 5 · edited Jan 05 '23 at 13:44

85

This is the simplest answer and works.

If you're using react-scripts you can now simply upgrade to version 5.0.0 (or above) which seems to have addressed this issue (it includes a newer version of webpack).

Example: npm i react-scripts@latest

edited Jan 05 '23 at 13:44

fatihyildizhan

8,614
7
64
88

answered Mar 03 '22 at 09:04

neo post modern

2,262
18
30

3

This fixed the issue for my CI build without going backward on versioning or security (ie increasing tech debt with a loose end in the build). Probably should be the best answer in late 2022. – davidjmcclelland Nov 01 '22 at 17:31
3

I agree this should definitely be the accepted answer! I spent a bunch of time trying to make a webpack.config.js with the output hashFunction etc, and then undoing that and trying to do a config-overrides.js file and react-app-rewired since my environment is in docker: ALL A WASTE OF TIME. Seriously. Simply do like @neo said above and update react-scripts. Ex. ```npm i react-scripts@latest``` – Michael Wegter Jan 04 '23 at 23:42
Not working for me when I run storybook – Caeta Jan 08 '23 at 00:32
Hi @Caeta, does your package.json run react-scripts on start? It would look like this. This is default when you use create-react-app `"scripts": { "start": "react-scripts start", "build": "react-scripts build", "test": "react-scripts test", "eject": "react-scripts eject" },` – Michael Wegter Jan 19 '23 at 22:45
This didn't update the webpack version. I still get the same error after updating react-scripts to the latest version. – tRuEsAtM Feb 24 '23 at 18:21
@tRuEsAtM have you manually pinned webpack? If you have a recent version of `react-scripts` you should absolutely have `webpack` >=5. Otherwise you might need to open a new question. – neo post modern Feb 27 '23 at 12:52
I found gatsby had this issue and a `yarn upgrade gatsby` fixed this issue on node 18. – sunapi386 Mar 15 '23 at 02:51
1

For those who uses yarn: yarn add react-scripts. You might get a core-js error afterwards, then you should run: yarn add core-js – Nadzeya Yakimchyk Apr 04 '23 at 07:35
Thanks! I cannot risk the security of my MVP app. – Md Sohail Aug 13 '23 at 08:57
upgrading my react-scripts to v5+ worked for me too. (and deleted node_modules and reinstalled afterwards, for good measure) – bkdraper Aug 21 '23 at 03:31

Gary Bao 鲍昱彤 · Answer 6 · 2023-04-15T03:52:14.490

84

Update April 2023:

This answer was first posted in December 2021, it has been over a year so this answer might not as reliable or relevant anymore. See other answers about more causes behind this problem and the most updated solution.

Some top answers did not work.

export NODE_OPTIONS=--openssl-legacy-provider

And some top answers were not applicable, modifying package.json file:

"start": "react-scripts --openssl-legacy-provider start"

This is caused by the latest node.js V17 compatible issues with OpenSSL, see this and this issue on GitHub.

The easiest thing is just downgrade from node.js V17 to node.js V16. See this post on how to downgrade node.js.

edited Apr 15 '23 at 03:52

answered Dec 07 '21 at 00:56

Gary Bao 鲍昱彤

2,608
20
31

12

Confirming that downgrading version to `V.16` fixed the issue. `nvm install v16 && nvm alias default v16 && nvm use v16` . – Manuel Lazo Dec 16 '21 at 17:15
2

Downgrading from v17 to v16 fixes the issue – onmyway133 Jan 07 '22 at 09:52
2

Yes this solution works perfectly. I've V17 in my workstation and facing this issue. Whereas the same `package.json` in my GitHub action uses V16 and this error is not happening. Thanks! – Saravanan G Jan 17 '22 at 19:18
6

downgrading isn't a good option – Dee Oct 28 '22 at 08:44

score 73 · Answer 7 · edited Nov 15 '21 at 01:01

73

I found the commands below on GitHub:

For Windows, use the below command in cmd:

set NODE_OPTIONS=--openssl-legacy-provider

For Unix, use:

export NODE_OPTIONS=--openssl-legacy-provider

edited Nov 15 '21 at 01:01

Peter Mortensen

30,738
21
105
131

answered Nov 03 '21 at 12:18

Ritesh Kumar

811
4
3

8

Thanks, it worked. But can you explain why this is happening and how this command fixes the problem? – Ali Khalili Nov 07 '21 at 06:03
Worked for me thanks, but this is not a permanent solution. – Abdul Basit Rishi Nov 09 '21 at 09:58
@AliKHalili This github link explains it :- https://github.com/webpack/webpack/issues/14532#issuecomment-947012063 – Ritesh Kumar Nov 09 '21 at 13:33
@AbdulBasitRishi Yes, sadly it is not. The easier one would be downgrade the node version. Seems like a new version issue in Node. Probably they will fix it – Ritesh Kumar Nov 09 '21 at 13:40
8

This is essentially a duplicate of [Ajoy Karmakar's answer](https://stackoverflow.com/questions/69692842/error-message-error0308010cdigital-envelope-routinesunsupported/69699772#69699772) (also without any explanation whatsoever). – Peter Mortensen Jan 02 '22 at 02:38
Also note that this sets Node to _always be insecure_ so never do this, it's an absolutely terrible idea. Only ever use this flag on a per-run (or per-npm-script) basis. – Mike 'Pomax' Kamermans Sep 04 '22 at 17:03
This was the correct solution for me. I am not interested in reverting to a version of Node with known security issues. Appreciate it! – jgnovak-dev Nov 30 '22 at 17:11
thanks it helped and worked like a charm – kshitij Jul 04 '23 at 02:04

Greg · Answer 8 · 2023-01-10T16:01:53.773

70

There are a lot of workarounds posted (mostly downgrading Node.js, OpenSSL, or allowing insecure hashing), but the underlying problem is that Webpack's output.hashFunction defaults to md4, which triggers this error in recent versions of OpenSSL.

From Webpack's output.hashFunction docs:

Since Webpack v5.54.0+, hashFunction supports xxhash64 as a faster algorithm, which will be used as default when experiments.futureDefaults is enabled.

The solution is either:

Set output.hashFunction = 'xxhash64'
Set experiments.futureDefaults = true

in your Webpack configuration.

If you're on an older version of Webpack, (prior to v5.54.0) follow the output.hashFunction link above to see what other hashing algorithms are available to you.

edited Jan 10 '23 at 16:01

answered Aug 23 '22 at 21:34

Greg

12,119
5
32
34

3

If like myself, you made this change and you were still hitting issues, then check your loaders. `file-loader` and `css-loader` use `md4` by default. You can force them to use another hashing algo when setting the name option like so: `'[name].[sha512:hash:6].[ext]'` – Kristian Roebuck Nov 16 '22 at 10:00
Hi @Greg , thanks for this real answer to the problem. But I'm using Nuxt 2 which use Webpack 4 and output doesn't seems to be a rules property. So I'm at a lost on how I can fix this to be able to upgrade the Node version (build on Docker). Any idea? Thx! – Claire Dec 07 '22 at 09:52
2

I am getting a "Error: Digest method not supported" error when setting `output.hashFunction` to `xxhash64`. Perhaps because I am using Webpack v4? – Paul Razvan Berg Dec 12 '22 at 15:11
3

I'm sorry but this answer just does not work at all...When you change experiments.futureDeafults to true - webpack throws the error: "experiments is an invalid configuration object, and when setting output hashFunction to xxhash64, you get the error which Paul Razvan Berg mentions above - This answer needs to either be explained further or removed entirely - it caused me more problems than it solved. – Julius Goddard Dec 19 '22 at 11:49
FYI @Claire, Nuxt3 is out and stable (haven't used it yet): https://nuxt.com/v3 – Mark Gavagan Jan 11 '23 at 16:10
Oddly it did not work for me. I am using symfony 6 web pack encore – Musa Haidari Mar 08 '23 at 14:18
Unfortunately webpack is not the only one that can throw such an error... – Cyril Duchon-Doris Mar 29 '23 at 16:16
@KristianRoebuck babel-loader, too! – Snap E Tom Apr 07 '23 at 23:07
@PaulRazvanBerg et al, I had the same issue, the reason was because my webpack version was outdated. If you can't upgrade your webpack version, you can use a different hash algorithm like `sha256`. I do not know the security implications of choosing such a hash – Mattwmaster58 Apr 17 '23 at 04:19
It worked...thanks; you can use the command in bash terminal – Frank Guo Apr 20 '23 at 01:42
It worked...thanks; you can use the command in bash terminal – Frank Guo Apr 20 '23 at 01:43

score 66 · Answer 9 · edited May 11 '23 at 15:54

66

I had this issue when using Vue.js.

A disadvantage of using -openssl-legacy-provider is that it is not supported by older Node.js versions. Older Node.js versions simply don't run when this flag is provided.
But I still want to be compatible with Node.js v16 and older.

Vue.js uses the MD4 algorithm to generate hashes (well, actually it's Webpack under the hood). MD4 can be easily replaced by MD5 for these kind of purposes. The type of algorithm used is hard coded in most places, so there isn't any way to configure another algorithm.

So I came up with another workaround. A function that intercepts the original createHash() call from the crypto module and replaces it with a modified version. This is at the start of my vue.config.js file:

const crypto = require('crypto');

/**
 * The MD4 algorithm is not available anymore in Node.js 17+ (because of library SSL 3).
 * In that case, silently replace MD4 by the MD5 algorithm.
 */
try {
  crypto.createHash('md4');
} catch (e) {
  console.warn('Crypto "MD4" is not supported anymore by this Node.js version');
  const origCreateHash = crypto.createHash;
  crypto.createHash = (alg, opts) => {
    return origCreateHash(alg === 'md4' ? 'md5' : alg, opts);
  };
}

edited May 11 '23 at 15:54

Peter Mortensen

30,738
21
105
131

answered May 12 '22 at 16:29

Rob Juurlink

4,516
3
20
19

This almost worked for me, but then some part of my webpack build will use some multi-process node build step. Then you won't be able to inject this "shim" into the spawned `node` instances. I ended up just resolving this at the OpenSSL level: https://stackoverflow.com/a/73904032/809572 – Josh Bowden Sep 30 '22 at 04:48
6

This is the most elegant solution which also solves the use of md4 and uses md5. (see comment of @JoshBowden linking to https://stackoverflow.com/a/73904032/16805 which describes underlying issue.) – youri Oct 21 '22 at 17:12
This was the only thing that solved my problem. Ialso have a Vue project. Thank you! – Lucas Feb 03 '23 at 11:37
@RobJuurlink thank you very much, it worked! However I did not understood how overwriting "cripto.createHash" in vue.config.js garantees that this new implementation is that one called latter on (where we have the error). Like, you overwritted this function for THIS cripto instance that you created in in vue.config.js.. How does it work in other classes where crypto is instantiated again? Thanks! – Lucas Feb 03 '23 at 11:47
5

@Lucas it works because `crypto` is a singleton. Every time a program (in the same NodeJS runtime) calls `require("crypto")` the exact same object is returned. – Rob Juurlink Feb 09 '23 at 13:40
5

This is the best answer : it does not disable security feature and does not need to go back to Node 16. It just properly overwrite the outdated algo. Thanks. – vdechef Feb 13 '23 at 07:45
Firstly, it fixed the issue when I used `serve` command, but `build` didn't work. I spent a day finding out I had to delete and regenerate `yarn.lock` file. Maybe it would save time for somebody – TheSaGe Apr 04 '23 at 12:12

score 62 · Answer 10 · edited Dec 01 '21 at 16:31

62

It's the Node.js version.

I have this error on Node.js 17, but it's fine when I switch my Node.js version to an older version (16) by using nvm.

edited Dec 01 '21 at 16:31

Heretic Monkey

11,687
7
53
122

answered Oct 31 '21 at 18:54

davychhouk

1,549
2
16
20

13

Same here. Reverting to node 16 resolved the issue. – sam Nov 05 '21 at 15:25
2

Yup. encountered when trying to run hardhat tests just now. would love to hear a breakdown of what's causing it. – Kyle Baker Nov 24 '21 at 19:36
1

You were right, rolling the npm version back to 16.13.x worked! – Shivang Chaturvedi Dec 05 '21 at 06:38
4

If you're using the package manager Chocolatey, you can just `choco uninstall nodejs` and `choco install nodejs-lts` to install the LTS version of node. – Matthias T Dec 16 '21 at 12:10
2

Somehow, this error also happens to me on node v16... – Yarycka Jan 05 '22 at 08:59
1

Same issue on Node v18, revert to v16 helped. – bartektartanus Jun 29 '22 at 14:17
1

Same here. Dowgraded to node v16 and it's working fine now – Chidiebere Ezeokwelume Feb 05 '23 at 08:06

ViktorMS · Answer 11 · 2022-12-20T10:50:25.877

41

Temporary solution below. Actual solution is upgrading to Webpack 5.

Updated december 2022

This worked for me (downgrading to Node.js 16):

nvm install 16 --lts
nvm use 16

Using Node.js Version Manager (for Windows).

edited Dec 20 '22 at 10:50

answered Nov 15 '21 at 11:23

ViktorMS

1,112
10
25

It worked for me but I had to do `nvm install lts` without the dashes (Windows 10 - Powershell). – Francesco Casula Dec 10 '21 at 09:28
It worked for me, but on my machine `nvm install --lts` already uses the version it installs, so no need to execute `nvm use` – Tomás Feb 18 '22 at 23:26
12

This would no longer work as LTS is now 18 – Archimedes Trajano Oct 30 '22 at 00:32
need to use like `nvm install 16.15.0` or whatever version you want. then `nvm use 16.15.0` – Ted Nov 28 '22 at 15:28
Consider the warnings in this - https://stackoverflow.com/a/73027407/1459653 - answer before doing this. – Mark Gavagan Jan 11 '23 at 18:39
Thanks! Upgrading to Webpack 5 resolved this issue for me. – Hemant Jun 29 '23 at 12:03
This worked for me after trying other answers – WillC Jul 28 '23 at 19:33

score 34 · Answer 12 · edited May 11 '23 at 14:54

34

I had the same error.

My case:

I installed a fresh React TypeScript application, added some SCSS content and some components.

Locally, my build was working, but when I tried to publish, it was failing with an error:

Error: error:0308010C:digital envelope routines::unsupported

I fixed this issue by updating my React script library to 5.0.1:

"react-scripts": "^5.0.1",

edited May 11 '23 at 14:54

Peter Mortensen

30,738
21
105
131

answered Oct 20 '22 at 10:27

Hajrullah islami

371
3
4

This is correct answer. You helped me a lot. – Green Y. Dec 12 '22 at 14:45
wawww 2 weeks of work, after unistall npm and update to the current one, actually was like from one problem to another fixing that pop up another again but finally when I update the local frontend, backend's nodejs and npm so does my laptop system nodejs. I change my react-scripts to latest version.it works – Ermias Kidanegebre Dec 25 '22 at 20:09
I've just run `yarn add react-scripts`. – Andrey Patseiko Feb 20 '23 at 11:11
I have gone through all the answers but this one seemed more relevant as I am using current Node LTS v 18. Instead of downgrading Node version or using legacy SSL provider, using the latest react-script library fixed my problem. – Anit Mar 02 '23 at 15:00

score 33 · Answer 13 · edited Nov 15 '21 at 00:32

33

Failed to construct transformer: Error: error:0308010C:digital envelope routines::unsupported

The simplest and easiest solution to solve the above error is to downgrade Node.js to v14.18.1. And then just delete folder node_modules and try to rebuild your project and your error must be solved.

edited Nov 15 '21 at 00:32

Peter Mortensen

30,738
21
105
131

answered Oct 24 '21 at 13:16

ati hy

503
3
3

this is weirdly worded :| try using the ` character around code [markdown help](https://stackoverflow.com/editing-help#code) – a1cd Oct 24 '21 at 15:27
10

Version v16.13.0 instead of 17.x worked as well for me. I also didn't need to delete the `node_modules` folder. – Tigerware Oct 28 '21 at 06:51
I'm running node version 14.17.3 and I'm still having this issue. – brohjoe Mar 23 '22 at 23:01
Sep 22: All github actions are run with Node 16: https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/ – Dazzle Feb 20 '23 at 20:32
Downgrading to Node 14 resolved the issue for me. – Khasky Jul 05 '23 at 21:22

score 28 · Answer 14 · edited May 11 '23 at 14:38

28

To bypass the error (in a development environment) you can simply run

export NODE_OPTIONS=--openssl-legacy-provider

before launching your Node.js application.

edited May 11 '23 at 14:38

Peter Mortensen

30,738
21
105
131

answered Feb 25 '23 at 21:30

Badr Bellaj

11,560
2
43
44

Manik Kumar · Answer 15 · 2023-08-30T03:01:02.573

28

After updating to Node JS version 18.16.1, I ran into this issue running on my local host, and I was able to resolve it by updating my start command in Package.json. Please find the appropriate command below.

 "start": "export NODE_OPTIONS=--openssl-legacy-provider && react-scripts start"

Please do not downgrade your Node version, as downgrading it won't help.

edited Aug 30 '23 at 03:01

answered Jul 11 '23 at 07:30

Manik Kumar

764
7
17

2

Windows users can use `set` instead of `export`, e.g: `"start": "set NODE_OPTIONS=--openssl-legacy-provider && react-scripts start"` – danwellman Aug 29 '23 at 09:12

score 24 · Answer 16 · edited Jun 30 '23 at 19:30

For Vue.js related

Enable the legacy OpenSSL provider.

On Unix-like (Linux, macOS, Git Bash, etc.):

export NODE_OPTIONS=--openssl-legacy-provider

On Windows command prompt:

set NODE_OPTIONS=--openssl-legacy-provider

On PowerShell:

$env:NODE_OPTIONS = "--openssl-legacy-provider"

In package.json

Reconfigure this script for npm run serve as below;

"scripts": {
    "serve": "vue-cli-service serve --openssl-legacy-provider",
 },

score 20 · Answer 17 · edited Jun 18 '22 at 00:44

20

For Angular apps:

You can also edit the npm start script in package.json. Instead of

"start": "ng serve -o"

to

"start": "set NODE_OPTIONS=--openssl-legacy-provider && ng serve -o"

When you run npm run start in the terminal/command line, it will first set the NODE_OPTIONS to avoid the problem.

edited Jun 18 '22 at 00:44

ggorlen

44,755
7
76
106

answered Apr 25 '22 at 15:37

Lenka Weiss

817
1
8
8

2

This was the solution for me to run an Angular 9 app with Node v18.14.0. – Brugner Mar 11 '23 at 22:16
I had pulled down an Angular 12 sample from github and ran into the error. I have Node v18.17.0. This solution worked perfectly for me. – StackOverflowUser Sep 01 '23 at 04:49

score 20 · Answer 18 · edited Sep 04 '22 at 21:41

20

This is a common error when packages on a project are not updated and the React version that you use is not the latest.

To fix this problem, you need to change your package.json file this way:

Change this

"scripts": {
    "start": "react-scripts start",
    "build": "react-scripts build",
    "test": "react-scripts test",
    "eject": "react-scripts eject"
}

to this

"scripts": {
    "start": "react-scripts --openssl-legacy-provider start",
    "build": "react-scripts --openssl-legacy-provider build",
    "test": "react-scripts test",
    "eject": "react-scripts eject"
}

edited Sep 04 '22 at 21:41

Peter Mortensen

30,738
21
105
131

answered Aug 27 '22 at 09:16

erff-on

303
3
9

this has already been posted, also it's only appropriate for dev env – Ed_ Jan 05 '23 at 04:30

score 18 · Answer 19 · edited Jan 02 '22 at 02:28

18

I faced this issue in Docker build, and I have added this line in the Docker file:

RUN export NODE_OPTIONS=--openssl-legacy-provider && yarn build && yarn install --production --ignore-scripts --prefer-offline

For local development, add the switch in file package.json.

edited Jan 02 '22 at 02:28

Peter Mortensen

30,738
21
105
131

answered Oct 28 '21 at 07:06

Santosh Karanam

1,077
11
23

NODE_OPTIONS=--openssl-legacy-provider is command line argument which should be present when you run yarn build. Nothing to do with Docker. When you build docker image of your application above line is what you use to build – Santosh Karanam Nov 02 '21 at 12:42
This is a near-duplicate of [Ajoy Karmakar's answer](https://stackoverflow.com/questions/69692842/error-message-error0308010cdigital-envelope-routinesunsupported/69699772#69699772). This one is also missing an explanation. Can you please provide an explanation? E.g., why is `--openssl-legacy-provider` necessary? Why all the `yarn` stuff? Please respond by [editing (changing) your answer](https://stackoverflow.com/posts/69749630/edit), not here in comments (***without*** "Edit:", "Update:", or similar - the answer should appear as if it was written today). – Peter Mortensen Jan 02 '22 at 02:31
The answer above runs in docker file with yarn as package manager. This will help users who are using similar environments and unable to resolve with other answers provided. Ill edit the answer with more explanation. Thanks – Santosh Karanam Jan 04 '22 at 15:10

score 17 · Answer 20 · answered Apr 19 '22 at 14:44

17

Running audit fixed the problem for me

npm audit fix --force

answered Apr 19 '22 at 14:44

Karthik Rana

1,261
1
10
20

The uncomfortable path, but the right path. I had to run the audit fix more than once until it completed most fixes. Just minor code brakes. Worth it – Heroselohim Apr 04 '23 at 13:32
Solved my case on the first try! Thanks for keeping my system secure!. – Blind2k Jun 13 '23 at 19:48

score 15 · Answer 21 · edited Sep 04 '22 at 17:07

15

check

node -v
v17.4.0

then roll back to node --lts (node v16.13.2 (npm v8.1.2)) for that use nvm.

nvm install 16

then check node -v and confirm it's version 16.

edited Sep 04 '22 at 17:07

Mike 'Pomax' Kamermans

49,297
16
112
153

answered Feb 01 '22 at 10:54

cds

403
3
5

5

I'm using v16.13.2 and I've this error – titusfx Feb 19 '22 at 18:38
This worked for me, also I did update react scripts first so one of them fixed the issue. – Shazam Jun 01 '22 at 16:24
Remember that your answer will outlive what `lts` means. Right now it's v16, a year from now it's going to be v18, so if you're telling folks they need v16, give the nvm instructions for that version, not "whatever lts happens to be". – Mike 'Pomax' Kamermans Sep 04 '22 at 17:08
Consider the warnings in this - https://stackoverflow.com/a/73027407/1459653 - answer before doing this. – Mark Gavagan Jan 11 '23 at 18:43

score 15 · Answer 22 · answered May 11 '22 at 08:28

15

Same Error with node version v18.0.0 and nuxt framework version 2.15 when running dev server and will be fixed by:

"scripts": {
  "dev": "NODE_OPTIONS=--openssl-legacy-provider nuxt"
}

answered May 11 '22 at 08:28

Art Mary

562
4
12

Got error: Cannot find module – MAZ Feb 28 '23 at 22:30

score 15 · Answer 23 · answered Nov 03 '22 at 13:08

15

As a 2022 reader, none of the answers address the fact that this issue was fixed early on for Webpack 5 users (but not backported to Webpack 4). If you're on Webpack 5, simply upgrade to at least 5.61.0. See this comment here on the thread tracking this issue.

answered Nov 03 '22 at 13:08

NetherGranite

1,940
1
14
42

npm install webpack@latest – Victor Choy Nov 09 '22 at 06:58
2

Thank you! This answer helped me solve the issue in a reasonable way. It is like the 22nd answer on the page but it is by far the most reasonable. The error is happening inside of webpack. So it makes sense to update webpack. I updated to the latest version of webpack and now I no longer see this error. The other answers are basically 1. hide the error message 2. upgrade all dependencies or 3. downgrade your dependencies. To be fair, those answers will make the error message go away. But they aren't the best answers. – Kevin May 31 '23 at 18:09
@Kevin It blew my mind how hard it was to find that Webpack straight up fixed the issue and you just have to update to get the fix. I was too stubborn to go with any of these hacks. – NetherGranite Jun 29 '23 at 22:47

Abdul Basit Rishi · Answer 24 · 2021-11-24T08:28:25.310

13

This solution worked for me.

This error is coming in Node.js version 17+, so try to downgrade the Node.js version.

Uninstall Node.js from the computer.
Download Node.js version 16 and install it again from https://nodejs.org/download/release/v16.13.0/

That's all.

edited Nov 24 '21 at 08:28

answered Nov 10 '21 at 09:16

Abdul Basit Rishi

2,268
24
30

5

but why? Why did node v17 have problems – a1cd Nov 11 '21 at 20:56
3

@Evergreen This is most likely a webpack4 issue, also in version 17 Node.js developers have deprecated of trailing slash pattern mappings which is unsupported in the import maps specification. Node.js developers needs to resolve this asap. – Abdul Basit Rishi Nov 12 '21 at 08:21
1

yea, i would expect node js, being such a widely used product, would have a bit more care put into backwards compatibility. – a1cd Nov 13 '21 at 16:02
1

or, if you're using nvm (node version manager) (and if you're not, you should be, so take this moment to do so...), you can just type `nvm install 16` and you're good to go. – Kyle Baker Nov 24 '21 at 19:38
note that the phrasing is misleading: the "error" is not an error at all, it's Node 17+ actually using an secure, rather than known insecure, version of OpenSSL. The _bypass_ is to install Node 16 and keep running with insecure SSL behaviour, but the _solution_ is to update your dependencies to ones that are Node 17+ compatible. – Mike 'Pomax' Kamermans Sep 04 '22 at 17:05

score 12 · Answer 25 · edited Jan 02 '22 at 02:36

If you are facing this error and you do not want to change your main configuration, an easy fix would be to use the following approach. I am not sure if it is recommended as a good practice, though.

Feel free to correct it.

Initially, let’s say this is the scripts section of my package.json file:

...
"version": "1.0.0",
  "scripts": {
    ...
    "build": "npm run build:test-app:testing",
    "build:test-app:testing": "ng build test-app --deploy-url  https://test-app.com/ --configuration=test-config",
    ...
  },
  "private": true,
...

In order to use this export NODE_OPTIONS=--openssl-legacy-provider you can do the following:

"version": "1.0.0",
  "scripts": {
....
    "build": "NODE_OPTIONS=--openssl-legacy-provider npm run build:test-app:testing”,
    "build:test-app:testing": "NODE_OPTIONS=--openssl-legacy-provider ng build test-app --deploy-url  https://test-app.com/ --configuration=test-config"
...
  },
  "private": true,

Take note of the build scripts. I have added an option: NODE_OPTIONS=--openssl-legacy-provider

This helps solve this error in Node.js version 17.

For those with the flexibility of changing the build system's Node.js version, just switch to a version lower that 17, e.g., version 16.

For Docker, the use case of using this initially, which always pulls the latest version:

...
FROM node:alpine
...

You can switch to something like:

...
FROM node:16-alpine3.12
...

score 11 · Answer 26 · edited Aug 15 '22 at 20:37

I faced the same errors when building hoppscotch using Node.js v18.4.0, and set NODE_OPTIONS=--openssl-legacy-provider saved me!

Logs

D:\code\rust\hoppscotch-app\hoppscotch>pnpm install && pnpm run generate
Scope: all 5 workspace projects
Lockfile is up-to-date, resolution step is skipped
Already up-to-date
packages/codemirror-lang-graphql prepare$ rollup -c
│ Browserslist: caniuse-lite is outdated. Please run:
│   npx browserslist@latest --update-db
│   Why you should do it regularly: https://github.com/browserslist/browserslist#browsers-data-updating
│
│ src/index.js → dist/index.cjs, ./dist...
│ created dist/index.cjs, ./dist in 2.8s
└─ Done in 4.8s
packages/hoppscotch-data prepare$ tsup src --dts
[20 lines collapsed]
│ CJS dist\chunk-LZ75CAKS.js     13.00 B
│ DTS Build start
│ DTS ⚡️ Build success in 2261ms
│ DTS dist\index.d.ts              714.00 B
│ DTS dist\rest\index.d.ts         2.18 KB
│ DTS dist\graphql\index.d.ts      589.00 B
│ DTS dist\collection\index.d.ts   1.30 KB
│ DTS dist\rest\content-types.d.ts 473.00 B
│ DTS dist\rest\HoppRESTAuth.d.ts  882.00 B
│ DTS dist\type-utils.d.d.ts       1.00 B
└─ Done in 3.8s
packages/hoppscotch-js-sandbox postinstall$ pnpm run build
│ > @hoppscotch/js-sandbox@1.0.0 build D:\code\rust\hoppscotch-app\hoppscotch\packages\hoppscotch-js-sandbox
│ > npx tsc
└─ Done in 8.7s
. prepare$ husky install
│ husky - Git hooks installed
└─ Done in 300ms
packages/hoppscotch-app postinstall$ pnpm run gql-codegen
[12 lines collapsed]
│ [14:58:01] Load GraphQL documents [started]
│ [14:58:01] Load GraphQL documents [completed]
│ [14:58:01] Generate [started]
│ [14:58:01] Generate [completed]
│ [14:58:01] Generate helpers/backend/backend-schema.json [completed]
│ [14:58:02] Load GraphQL documents [completed]
│ [14:58:02] Generate [started]
│ [14:58:02] Generate [completed]
│ [14:58:02] Generate helpers/backend/graphql.ts [completed]
│ [14:58:02] Generate outputs [completed]
└─ Done in 4s

> hoppscotch-app@2.2.1 generate D:\code\rust\hoppscotch-app\hoppscotch
> pnpm -r do-build-prod

Scope: 4 of 5 workspace projects
packages/hoppscotch-js-sandbox do-build-prod$ pnpm run build
│ > @hoppscotch/js-sandbox@1.0.0 build D:\code\rust\hoppscotch-app\hoppscotch\packages\hoppscotch-js-sandbox
│ > npx tsc
└─ Done in 7.5s
packages/hoppscotch-app do-build-prod$ pnpm run generate
│ > hoppscotch-app@2.2.1 generate D:\code\rust\hoppscotch-app\hoppscotch\packages\hoppscotch-app
│ > nuxt generate --modern
│ i Sentry reporting is disabled (no DSN has been provided)
│ i Production build
│ i Bundling only for client side
│ i Target: static
│ i Using components loader to optimize imports
│ i Discovered Components: node_modules/.cache/nuxt/components/readme.md
│ √ Builder initialized
│ √ Nuxt files generated
│ i Compiling Client
│  ERROR  Error: error:0308010C:digital envelope routines::unsupported
│     at new Hash (node:internal/crypto/hash:67:19)
│     at Object.createHash (node:crypto:133:10)
│     at module.exports (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib
│     at NormalModule._initBuildHash (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_module
│     at handleParseError (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\l
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib\NormalModule.js
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib\NormalModule.js
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loader-runner\lib\Load
│     at iterateNormalLoaders (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\
│     at iterateNormalLoaders (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loader-runner\lib\Load
│     at runSyncOrAsync (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loader
│     at iterateNormalLoaders (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\
│     at Array.<anonymous> (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loa
│     at Storage.finished (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\enhanced-resolve@4.5.0\node_modules\e
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\enhanced-resolve@4.5.0\node_modules\enhanced-resolve\li
│  WARN  Browserslist: caniuse-lite is outdated. Please run:
│   npx browserslist@latest --update-db
│   Why you should do it regularly: https://github.com/browserslist/browserslist#browsers-data-updating
│  ERROR  error:0308010C:digital envelope routines::unsupported
│   at new Hash (node:internal/crypto/hash:67:19)
│   at Object.createHash (node:crypto:133:10)
│   at module.exports (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib\u
│   at NormalModule._initBuildHash (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\
│   at handleParseError (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib
│   at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib\NormalModule.js:5
│   at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib\NormalModule.js:3
│   at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loader-runner\lib\Loader
│   at iterateNormalLoaders (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\lo
│   at iterateNormalLoaders (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\lo
│   at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loader-runner\lib\Loader
│   at context.callback (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loader
│   at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\babel-loader@8.2.3_@babel+core@7.16.12\node_modules\babel
│ D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loader-runner\lib\LoaderRunne
│                       throw e;
│                       ^
│ Error: error:0308010C:digital envelope routines::unsupported
│     at new Hash (node:internal/crypto/hash:67:19)
│     at Object.createHash (node:crypto:133:10)
│     at module.exports (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib
│     at NormalModule._initBuildHash (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_module
│     at handleParseError (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\l
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib\NormalModule.js
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib\NormalModule.js
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loader-runner\lib\Load
│     at iterateNormalLoaders (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\
│     at iterateNormalLoaders (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loader-runner\lib\Load
│     at context.callback (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\load
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\cache-loader@4.1.0_webpack@4.46.0\node_modules\cache-lo
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\graceful-fs@4.2.8\node_modules\graceful-fs\graceful-fs.
│     at FSReqCallback.oncomplete (node:fs:201:23) {
│   opensslErrorStack: [ 'error:03000086:digital envelope routines::initialization error' ],
│   library: 'digital envelope routines',
│   reason: 'unsupported',
│   code: 'ERR_OSSL_EVP_UNSUPPORTED'
│ }
│ Node.js v18.4.0
│  ELIFECYCLE  Command failed with exit code 1.
└─ Failed in 8.3s
D:\code\rust\hoppscotch-app\hoppscotch\packages\hoppscotch-app:
 ERR_PNPM_RECURSIVE_RUN_FIRST_FAIL  hoppscotch-app@2.2.1 do-build-prod: `pnpm run generate`
Exit status 1
 ELIFECYCLE  Command failed with exit code 1.

D:\code\rust\hoppscotch-app\hoppscotch>npx browserslist@latest --update-db
Need to install the following packages:
  browserslist@4.20.4
Ok to proceed? (y) y
Latest version:     1.0.30001357
Updating caniuse-lite version
$ pnpm up caniuse-lite
caniuse-lite has been successfully updated

No target browser changes

D:\code\rust\hoppscotch-app\hoppscotch>pnpm install && pnpm run generate
Scope: all 5 workspace projects
Lockfile is up-to-date, resolution step is skipped
Already up-to-date
packages/codemirror-lang-graphql prepare$ rollup -c
│ Browserslist: caniuse-lite is outdated. Please run:
│   npx browserslist@latest --update-db
│   Why you should do it regularly: https://github.com/browserslist/browserslist#browsers-data-updating
│
│ src/index.js → dist/index.cjs, ./dist...
│ created dist/index.cjs, ./dist in 2.8s
└─ Done in 4.8s
packages/hoppscotch-data prepare$ tsup src --dts
[20 lines collapsed]
│ CJS dist\chunk-JUWXSDKJ.js     1010.00 B
│ DTS Build start
│ DTS ⚡️ Build success in 2250ms
│ DTS dist\index.d.ts              714.00 B
│ DTS dist\rest\index.d.ts         2.18 KB
│ DTS dist\graphql\index.d.ts      589.00 B
│ DTS dist\collection\index.d.ts   1.30 KB
│ DTS dist\rest\content-types.d.ts 473.00 B
│ DTS dist\rest\HoppRESTAuth.d.ts  882.00 B
│ DTS dist\type-utils.d.d.ts       1.00 B
└─ Done in 3.7s
packages/hoppscotch-js-sandbox postinstall$ pnpm run build
│ > @hoppscotch/js-sandbox@1.0.0 build D:\code\rust\hoppscotch-app\hoppscotch\packages\hoppscotch-js-sandbox
│ > npx tsc
└─ Done in 8.5s
. prepare$ husky install
│ husky - Git hooks installed
└─ Done in 335ms
packages/hoppscotch-app postinstall$ pnpm run gql-codegen
[12 lines collapsed]
│ [15:02:37] Load GraphQL documents [started]
│ [15:02:37] Load GraphQL documents [completed]
│ [15:02:37] Generate [started]
│ [15:02:37] Generate [completed]
│ [15:02:37] Generate helpers/backend/backend-schema.json [completed]
│ [15:02:38] Load GraphQL documents [completed]
│ [15:02:38] Generate [started]
│ [15:02:38] Generate [completed]
│ [15:02:38] Generate helpers/backend/graphql.ts [completed]
│ [15:02:38] Generate outputs [completed]
└─ Done in 3.8s

> hoppscotch-app@2.2.1 generate D:\code\rust\hoppscotch-app\hoppscotch
> pnpm -r do-build-prod

Scope: 4 of 5 workspace projects
packages/hoppscotch-js-sandbox do-build-prod$ pnpm run build
│ > @hoppscotch/js-sandbox@1.0.0 build D:\code\rust\hoppscotch-app\hoppscotch\packages\hoppscotch-js-sandbox
│ > npx tsc
└─ Done in 6.9s
packages/hoppscotch-app do-build-prod$ pnpm run generate
│ > hoppscotch-app@2.2.1 generate D:\code\rust\hoppscotch-app\hoppscotch\packages\hoppscotch-app
│ > nuxt generate --modern
│ i Sentry reporting is disabled (no DSN has been provided)
│ i Production build
│ i Bundling only for client side
│ i Target: static
│ i Using components loader to optimize imports
│ i Discovered Components: node_modules/.cache/nuxt/components/readme.md
│ √ Builder initialized
│ √ Nuxt files generated
│ i Compiling Client
│  ERROR  Error: error:0308010C:digital envelope routines::unsupported
│     at new Hash (node:internal/crypto/hash:67:19)
│     at Object.createHash (node:crypto:133:10)
│     at module.exports (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib
│     at NormalModule._initBuildHash (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_module
│     at handleParseError (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\l
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib\NormalModule.js
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib\NormalModule.js
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loader-runner\lib\Load
│     at iterateNormalLoaders (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\
│     at iterateNormalLoaders (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loader-runner\lib\Load
│     at runSyncOrAsync (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loader
│     at iterateNormalLoaders (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\
│     at Array.<anonymous> (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loa
│     at Storage.finished (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\enhanced-resolve@4.5.0\node_modules\e
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\enhanced-resolve@4.5.0\node_modules\enhanced-resolve\li
│  WARN  Browserslist: caniuse-lite is outdated. Please run:
│   npx browserslist@latest --update-db
│   Why you should do it regularly: https://github.com/browserslist/browserslist#browsers-data-updating
│  ERROR  error:0308010C:digital envelope routines::unsupported
│   at new Hash (node:internal/crypto/hash:67:19)
│   at Object.createHash (node:crypto:133:10)
│   at module.exports (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib\u
│   at NormalModule._initBuildHash (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\
│   at handleParseError (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib
│   at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib\NormalModule.js:5
│   at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib\NormalModule.js:3
│   at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loader-runner\lib\Loader
│   at iterateNormalLoaders (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\lo
│   at iterateNormalLoaders (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\lo
│   at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loader-runner\lib\Loader
│   at context.callback (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loader
│   at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\babel-loader@8.2.3_@babel+core@7.16.12\node_modules\babel
│ D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loader-runner\lib\LoaderRunne
│                       throw e;
│                       ^
│ Error: error:0308010C:digital envelope routines::unsupported
│     at new Hash (node:internal/crypto/hash:67:19)
│     at Object.createHash (node:crypto:133:10)
│     at module.exports (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib
│     at NormalModule._initBuildHash (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_module
│     at handleParseError (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\l
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib\NormalModule.js
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\webpack@4.46.0\node_modules\webpack\lib\NormalModule.js
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loader-runner\lib\Load
│     at iterateNormalLoaders (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\
│     at iterateNormalLoaders (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\loader-runner\lib\Load
│     at context.callback (D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\loader-runner@2.4.0\node_modules\load
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\cache-loader@4.1.0_webpack@4.46.0\node_modules\cache-lo
│     at D:\code\rust\hoppscotch-app\hoppscotch\node_modules\.pnpm\graceful-fs@4.2.8\node_modules\graceful-fs\graceful-fs.
│     at FSReqCallback.oncomplete (node:fs:201:23) {
│   opensslErrorStack: [ 'error:03000086:digital envelope routines::initialization error' ],
│   library: 'digital envelope routines',
│   reason: 'unsupported',
│   code: 'ERR_OSSL_EVP_UNSUPPORTED'
│ }
│ Node.js v18.4.0
│  ELIFECYCLE  Command failed with exit code 1.
└─ Failed in 8.2s
D:\code\rust\hoppscotch-app\hoppscotch\packages\hoppscotch-app:
 ERR_PNPM_RECURSIVE_RUN_FIRST_FAIL  hoppscotch-app@2.2.1 do-build-prod: `pnpm run generate`
Exit status 1
 ELIFECYCLE  Command failed with exit code 1.

D:\code\rust\hoppscotch-app\hoppscotch>echo %NODE_OPTIONS%
%NODE_OPTIONS%

D:\code\rust\hoppscotch-app\hoppscotch>set NODE_OPTIONS=--openssl-legacy-provider

D:\code\rust\hoppscotch-app\hoppscotch>echo %NODE_OPTIONS%
--openssl-legacy-provider

D:\code\rust\hoppscotch-app\hoppscotch>pnpm run generate

> hoppscotch-app@2.2.1 generate D:\code\rust\hoppscotch-app\hoppscotch
> pnpm -r do-build-prod

Scope: 4 of 5 workspace projects
packages/hoppscotch-js-sandbox do-build-prod$ pnpm run build
│ > @hoppscotch/js-sandbox@1.0.0 build D:\code\rust\hoppscotch-app\hoppscotch\packages\hoppscotch-js-sandbox
│ > npx tsc
└─ Done in 7.1s
packages/hoppscotch-app do-build-prod$ pnpm run generate
[732 lines collapsed]
│ √ Generated route "/vi/enter"
│ √ Generated route "/vi/graphql"
│ √ Generated route "/vi/join-team"
│ √ Generated route "/vi/profile"
│ √ Generated route "/vi/realtime"
│ √ Generated route "/vi/settings"
│ √ Generated route "/"
│ √ Client-side fallback created: 404.html
│ i Generating sitemaps
│ √ Generated /sitemap.xml
└─ Done in 6m 37.1s

D:\code\rust\hoppscotch-app\hoppscotch>

score 11 · Answer 27 · edited May 11 '23 at 15:56

This answer is an immediate OpenSSL system-level workaround without touching a previously working build configuration.

In the ideal world, you have time to upgrade and migrate insecure build dependencies and make sure you didn't break something else in your application (or wholesale just avoid webpack, or in my case migrate from vue-cli to vite which uses esbuild).

You "should" instead either, (a) tell webpack to use a newer hash function, or (b) mitigate the offending packages with npm audit.

System-level OpenSSL workaround

The quickest workaround is to temporarily re-enable MD4 by enabling the "legacy" crypto providers within the system-wide OpenSSL configuration.

This is incredibly insecure and heavy-handed. Afterwards, you should disable the legacy crypto methods.

(Unfortunately, the following is only tested to work on Linux).

Backup your existing OpenSSL configuration: sudo cp /etc/ssl/openssl.cnf /etc/ssl/openssl.cnf.BAK
Append (or uncomment) the following configuration to enable the legacy "providers" (as OpenSSL calls them). You probably want to sudo vim /etc/ssl/openssl.cnf or similar.
```
[provider_sect]
default = default_sect
legacy = legacy_sect

[default_sect]
activate = 1

[legacy_sect]
activate = 1
```
Rerun your node script as before.
Disable the legacy providers afterwards.

sudo mv -f /etc/ssl/openssl.cnf.BAK /etc/ssl/openssl.cnf

This solution is from an answer to a similar problem.

What is the underlying cause?

Node uses OpenSSL for its hash functions and encryption on *nix systems. The latest version of OpenSSL disables MD4 by default—which will break any previously working program that uses MD4. With that in mind, any npm package that thought using MD4 for file hashes was a "good idea" are now broken—even though MD4 has been considered broken by RSA Labs since 1996! MD4 was also "officially" relegated as obsolete by RFC 6150 in 2011.

score 9 · Answer 28 · edited May 11 '23 at 14:41

9

Windows

Install nvm-windows.
Install the Node.js version that you want.
```
nvm install 16
```
Change your Node.js version
```
nvm use 16
```
Check the Node.js versions installed

Windows

Install nvm-windows.
Install the Node.js version that you want.
```
nvm install 16
```
Change your Node.js version
```
nvm use 16
```
Check the Node.js versions installed
```
nvm list
```
Output:

edited May 11 '23 at 14:41

Peter Mortensen

30,738
21
105
131

answered Jan 20 '23 at 01:19

ahmnouira

1,607
13
8

Please review *[Why not upload images of code/errors when asking a question?](https://meta.stackoverflow.com/questions/285551/)* (e.g., *"Images should only be used to illustrate problems that* ***can't be made clear in any other way,*** *such as to provide screenshots of a user interface."*) and [do the right thing](https://stackoverflow.com/posts/75179767/edit) (it covers answers as well). Thanks in advance. – Peter Mortensen May 11 '23 at 14:39

score 9 · Answer 29 · answered Aug 04 '23 at 03:12

9

"scripts": {
  "start": "react-scripts --openssl-legacy-provider start",
  "build": "react-scripts --openssl-legacy-provider build",
}

This worked for me.

answered Aug 04 '23 at 03:12

Hiran Walawage

2,048
1
22
20

score 8 · Answer 30 · edited Jun 30 '23 at 19:21

8

You have to use MD5 in this file. MD4 is the default, but it will not work. It will work without an issue, until you delete the node_modules folder folder.

Go to this path: */node_modules/metro-cache/src/

Change the file stableHash.js like below from md4 to md5:

edited Jun 30 '23 at 19:21

Peter Mortensen

30,738
21
105
131

answered May 25 '23 at 11:33

Hitesh Prajapati

1,261
10
11

Thank you Hitesh your solution saved me – M.skr Jun 16 '23 at 21:23
This must have many votes. this is the answer finally helped me. btw @hitesh will there be fixes in future from RN – Im Batman Jul 11 '23 at 18:02
1

You're my hero!! From all answers this solution worked :) – Lucdabomb Jul 31 '23 at 08:57
Tis worked for me. Is it not possible to fix this by updating a relevant package though? – MomasVII Aug 18 '23 at 07:37

score 7 · Answer 31 · edited Jan 02 '22 at 03:10

7

This worked for me in my app expo (downgrading from Node.js 17 to Node.js 12 or 14).

If you have nvm installed you can change the version of node:

First check versions of Node.js in nvm:

nvm list

Second, install version 12 or 14:

nvm install v12.22.8

edited Jan 02 '22 at 03:10

Peter Mortensen

30,738
21
105
131

answered Dec 23 '21 at 14:39

Alqadiano G

89
1
2

1

Downgrading is not a secure and long-term viable solution. – Andres Oct 14 '22 at 13:58
I am using Node 18, also working on an Expo app. Installing the latest version of @expo/webpack-config and allowing any version of Expo to be installed (use the "*" constraint in package.json), fixed the issue. – tiller1010 Aug 02 '23 at 13:54

score 6 · Answer 32 · edited Aug 15 '22 at 20:31

6

In PowerShell:

$env:NODE_OPTIONS = "--openssl-legacy-provider"

It worked with Node.js v18.7.0.

edited Aug 15 '22 at 20:31

Peter Mortensen

30,738
21
105
131

answered Aug 09 '22 at 06:28

Nasser X

175
3
10

I wish I had navigated to page 2 before reading through [the discussion to find this answer](https://github.com/webpack/webpack/issues/14532#issuecomment-1208965919), but hey, a working solution is a solution – Adam Leis Aug 29 '22 at 18:14
Works for me as well. – Mu-Tsun Tsai Feb 24 '23 at 07:11

score 6 · Answer 33 · edited May 11 '23 at 14:50

6

I got the same issue for a Vue.js project. I uninstalled the new version (greater than 18) of Node.js from the machine and installed a previous version (v16.14.2). It works.

edited May 11 '23 at 14:50

Peter Mortensen

30,738
21
105
131

answered Nov 17 '22 at 07:55

Sarath Baiju

226
2
9

1

I did the same and it works! – vsoni Nov 24 '22 at 16:24
10

Yes it works, but is not a solution. – alwe Dec 25 '22 at 08:30
Yes. It's just like a workaround – Sarath Baiju Dec 25 '22 at 08:38
Consider the warnings in this - https://stackoverflow.com/a/73027407/1459653 - answer before doing this. – Mark Gavagan Jan 11 '23 at 18:40

score 6 · Answer 34 · answered May 31 '23 at 09:08

6

npm update fixed it for me. NPM V18

answered May 31 '23 at 09:08

Kodjo Tchioffo

421
6
6

`yarn upgrade` worked for me as of 8/28/23 – Matt Ruiz Aug 28 '23 at 13:23

score 4 · Answer 35 · answered Mar 18 '22 at 13:40

4

You need to update react-scripts to the latest version

npm update react-scripts --save

answered Mar 18 '22 at 13:40

Matic Kogovšek

1,554
1
9
3

This didn't work for me. :/ – Shazam Jun 01 '22 at 16:21
This didn't work for me, either. – Todd Hoatson Dec 22 '22 at 13:20

score 4 · Answer 36 · edited May 11 '23 at 15:00

4

Here is a quick fix that was suggested and worked for me. cd into your new App directory that you made; you may need to sudo this install, and then run the following:

Run:

npm install -g npm-check-updates

Then:

ncu -u

Then:

npm install

Then:

npm start

edited May 11 '23 at 15:00

Peter Mortensen

30,738
21
105
131

answered Oct 05 '22 at 06:28

iAmTonyaMISM

67
5

4

This is dangerous because it indiscriminately will force all packages to update. For example, one of my apps was written in Vue2, and running the commands listed pushed it to the latest Vue3 release. It would certainly break my app. – MatthewEnderle Nov 16 '22 at 14:25

score 2 · Answer 37 · answered Mar 29 '22 at 16:10

2

If you are getting this error while using GatsbyJs, all you need to do is downgrade the node version to long-term support. There is no other salvation

answered Mar 29 '22 at 16:10

Enes

33
6

Sadly that's no help now that the 18 LTS is throwing the same error. – Slbox Jun 25 '23 at 20:42

score 2 · Answer 38 · answered Apr 03 '22 at 10:57

2

This might not be an answer to the question for everyone. But for anyone running node 17 and above in docker, downgrading just as everyone has said will be helpful. No need for the open-legacy-sslprovider. A simple switch in your Dockerfile from using

From node

to using

From node:16.*

fixes this issue in docker.

answered Apr 03 '22 at 10:57

Nkoro Joseph Ahamefula

526
3
11

This worked for me and I'm not using docker. Downgrading to node 16 fixed my problems. ` nvm use 16 rm -rf node_modules rm yarn.lock yarn install yarn build ` – adamwong246 Apr 04 '22 at 00:58
I was using Docker, and this fixed it for me. Thank you! – Alexander Terp Aug 06 '22 at 05:46

score 2 · Answer 39 · edited May 11 '23 at 14:58

2

I resolved this problem on Windows by uninstalling OpenSSL 1.1.1, installing OpenSSL 3 (if you use Chocolatey: choco install openssl.light) and updating Angular to the latest version (currently 14), that solves the abovementioned problem with Webpack configuration.

Certainly, downgrading Node.js, as most of the answers suggest, is not a proper way to go.

edited May 11 '23 at 14:58

Peter Mortensen

30,738
21
105
131

answered Oct 13 '22 at 20:29

Yaroslav Larin

209
2
6

Why is this not the accepted answer? – Jens Marchewka Nov 01 '22 at 13:14

score 2 · Answer 40 · edited May 11 '23 at 14:48

2

I resolved this error by updating my version of babel-loader after updating Webpack. However, it may be due to another loader or plugin. loader-runner appears in the console output of the original question. See the comment here.

edited May 11 '23 at 14:48

Peter Mortensen

30,738
21
105
131

answered Dec 06 '22 at 10:41

Burns

53
4

It is similar to [this answer](https://stackoverflow.com/questions/69692842/error-message-error0308010cdigital-envelope-routinesunsupported/74303582#74303582). – Peter Mortensen May 11 '23 at 14:51

score 2 · Answer 41 · answered Jan 17 '23 at 05:27

2

echo 'export NODE_OPTIONS=--openssl-legacy-provider' >> ~/.zshrc worked for me

answered Jan 17 '23 at 05:27

Ayan

8,192
4
46
51

score 1 · Answer 42 · answered Nov 17 '21 at 10:16

1

On Dockerfile you should add:

ENV NODE_OPTIONS=--openssl-legacy-provider

answered Nov 17 '21 at 10:16

Oded BD

2,788
27
30

Near duplicate: [Ajoy Karmakar's answer](https://stackoverflow.com/questions/69692842/error-message-error0308010cdigital-envelope-routinesunsupported/69699772#69699772) (also without any explanation whatsoever) – Peter Mortensen Jan 02 '22 at 02:43
I wanted it to be clear how to use with Docker – Oded BD Jan 02 '22 at 12:37

score 1 · Answer 43 · edited Jan 02 '22 at 02:45

1

Go to:: https://nodejs.org/en/

And download the recommended version for most users.

Then uninstall Node.js from your PC and install the recommended version.

From what I understand, this is a problem from the developer team. They will fix it ASAP, but in the meantime use the recommended version and everything is going to be OK.

edited Jan 02 '22 at 02:45

Peter Mortensen

30,738
21
105
131

answered Nov 21 '21 at 20:59

MELLAL Fethi

137
1
5

score 1 · Answer 44 · edited May 11 '23 at 15:24

1

I had the same issue when I changed Node.js versions with nvm. If you are using Sass in your project, please try:

sudo npm rebuild node-sass

edited May 11 '23 at 15:24

Peter Mortensen

30,738
21
105
131

answered Sep 13 '22 at 12:35

Dudar Mykola

89
1
2

score 1 · Answer 45 · edited May 11 '23 at 14:46

As simple as it may sound, if it's feasible, upgrade all your dependencies in your package.json file to the latest (just type in the name in npm and use the suggested version). Also use the latest LTS version of Node.js.

I had problems before, and even with migrating my project to use Yarn, I was able to finally solve this problem. There isn't any need to compromise the security with SSL hacks.

score 1 · Answer 46 · answered Jan 25 '23 at 16:11

1

Before you change your npm version or make any configuration changes, simply run npm update to update your packages to the newest minor versions.

This fixed the issue for me.

answered Jan 25 '23 at 16:11

OKey

182
1
2
10

score 1 · Answer 47 · edited May 11 '23 at 14:37

1

I had this issue when deploying a Next.js project to Vercel. I downgraded Node.js in file package.json by adding:

"engines": {
    "node": "v16.15.0"
},

edited May 11 '23 at 14:37

Peter Mortensen

30,738
21
105
131

answered Mar 29 '23 at 19:35

Mike Bely

21
4

It helps to mark code/config lines using the tick character around the line so that it stands out from the overall comment. `"engines": { "node": "v16.1." }` – cminus Apr 04 '23 at 13:23

score 1 · Answer 48 · edited Jun 30 '23 at 19:32

1

I am getting the same issue with another project. I have cloned it here: react-toolkit-example

Issue:

error:03000086:digital envelope routines::initialization error #1

set NODE_OPTIONS=--openssl-legacy-provider

It works as a temporary fix, but I need a proper solution to this.

edited Jun 30 '23 at 19:32

Peter Mortensen

30,738
21
105
131

answered May 18 '23 at 01:34

AaronNGray

123
2
12

score 1 · Answer 49 · answered Aug 17 '23 at 07:16

Worked 100% correctly.

Solution:

Install Node Version Manager (NVM): NVM is a tool that simplifies managing multiple Node.js versions. If you don't have NVM, install it by running this command in your terminal:

curl -o- https://raw.githubusercontent.com/nvm-sh/nvm/v0.39.1/install.sh | bash

Restart Terminal: Close and reopen your terminal to ensure NVM is properly initialized.

Install Node.js 16.13.0: Use NVM to install the desired version:

nvm install 16.13.0

Use Node.js 16.13.0: Set Node.js 16.13.0 as the active version for the current terminal session:

nvm use 16.13.0

Set Default Version (Optional): If you want to make Node.js 16.13.0 the default for new terminal sessions:

nvm alias default 16.13.0

Verify Installation: Confirm that Node.js 16.13.0 is active by running:

node -v npm -v

Remember, you can use NVM to easily switch between different Node.js versions whenever needed. If you want to switch back to a different version, use nvm use with the appropriate version number.

Feel free to reach out if you have any questions or need further assistance!

score 0 · Answer 50 · edited Nov 15 '21 at 00:46

0

Try:

npm create react-app --template typescript foo --use-npm

edited Nov 15 '21 at 00:46

Peter Mortensen

30,738
21
105
131

answered Nov 01 '21 at 00:00

webcoder

1,331
1
9
27

3

An explanation would be in order. E.g., what is the idea/gist? What does it do? How does it work? Why does it work? Please respond by [editing (changing) your answer](https://stackoverflow.com/posts/69791488/edit), not here in comments (***without*** "Edit:", "Update:", or similar - the answer should appear as if it was written today). – Peter Mortensen Nov 15 '21 at 00:47

score 0 · Answer 51 · edited Nov 15 '21 at 00:59

0

I was facing the same issue with Node.js 17.0.1. I solved it by following these steps:

Open Control Panel → Program and Features → Node.js and uninstall Node.js by right-clicking a
Go to website https://nodejs.org/en/ and download the version and install.

edited Nov 15 '21 at 00:59

Peter Mortensen

30,738
21
105
131

answered Nov 04 '21 at 19:23

راجہ مخلص

1,177
6
15

1

Re *"Control Panel → Program and Features"*: On [Windows](https://en.wikipedia.org/wiki/Microsoft_Windows), presumably? – Peter Mortensen Nov 15 '21 at 00:59

score 0 · Answer 52 · edited Jul 27 '23 at 13:08

I came across this issue today and resolved it by switching Node.js versions using "nvm".

I've been working on a couple of personal projects using Node.js, Next.js 1, and React 2. What often happens to me is that I don't remember exactly which version of Node.js I use for which project.

And so, usually, I would try to use Node.js 16 for a project that is currently using Node.js 14.

I haven't figured out a better way to remember the version of Node.js for each project, so I usually just save all the commands that I need to run to get the application started in readme.MD.

score 0 · Answer 53 · answered Feb 09 '22 at 17:34

0

In Angular.io projects, the accepted (unsupported) version of Nodes.js is v16.x.x.

In Nodes v17.x version, the same error described in this question occurs.

Solution:

Uninstall nodes and reinstall version v16.x (for Windows).

answered Feb 09 '22 at 17:34

FXLima

337
2
5

my development environment: - Angular CLI: 12.2.1 - Node: 16.14.0 (Unsupported) - Package Manager: npm 7.5.6 - OS: win32 x64 – FXLima Feb 09 '22 at 17:42

score 0 · Answer 54 · edited Sep 04 '22 at 21:53

I fixed by using the LTS version:

echo "lts" > .nvmrc
nvm install

React Native has a buggy script to find the path of the Node.js executable.

This sets the version to the latest stable version of Node.js through Node Version Manager.

What I found is that even if Node.js is in my path, if I have an ~/.nvm directory it's going to try to find use in nvm and fail. This sets the current node to be linked to the one in ~/.nvm and thus that React Native can find.

score 0 · Answer 55 · edited May 11 '23 at 14:01

In my case, I'm using an Azure setup. When I raised a pull request, I got this error. So I just removed some commented code, and again raised a pull request.

This time I didn't see this error. This happens in my case. So whenever I get the error, I do the same thing. It will work for me.

Error: error:0308010C:digital envelope routines::unsupported
2023-04-13T13:17:28.4329245Z
2023-04-13T13:17:28.4330391Z     at new Hash
 (node:internal/crypto/hash:71:19)
2023-04-13T13:17:28.4331701Z > prospercare-prospercare-web@0.1.0 build
2023-04-13T13:17:28.4333051Z     at Object.createHash
(node:crypto:133:10)
2023-04-13T13:17:28.4333712Z > GENERATE_SOURCEMAP=false react-scripts
build
2023-04-13T13:17:28.4336913Z     at module.exports
(/home/vsts/work/1/s/node_modules/webpack/lib/util/createHash.js:135:53)
2023-04-13T13:17:28.4337284Z
2023-04-13T13:17:28.4338580Z     at NormalModule._initBuildHash
(/home/vsts/work/1/s/node_modules/webpack/lib/NormalModule.js:417:16)
2023-04-13T13:17:28.4339132Z Creating an optimized production build...
2023-04-13T13:17:28.4340765Z     at handleParseError
(/home/vsts/work/1/s/node_modules/webpack/lib/NormalModule.js:471:10)
2023-04-13T13:17:28.4343721Z     at
/home/vsts/work/1/s/node_modules/webpack/lib/NormalModule.js:503:5
2023-04-13T13:17:28.4345956Z     at
/home/vsts/work/1/s/node_modules/webpack/lib/NormalModule.js:358:12
2023-04-13T13:17:28.4348198Z     at
/home/vsts/work/1/s/node_modules/loader-runner/lib/LoaderRunner.js:373:3
2023-04-13T13:17:28.4350393Z     at iterateNormalLoaders
(/home/vsts/work/1/s/node_modules/loader-
runner/lib/LoaderRunner.js:214:10)

score 0 · Answer 56 · edited May 11 '23 at 13:43

0

I had this issue because of Fedora.

I downgraded to Node.js v16, but without any luck.

The problem was that Fedora installs Node.js v18 when installing Yarn.

So you have to uninstall the preinstalled Node.js using:

sudo dnf remove nodejs

Then install Node.js using nvm:

nvm install 16.19.1

Then install Yarn using npm, not DNF:

sudo npm install yarn -g

edited May 11 '23 at 13:43

Peter Mortensen

30,738
21
105
131

answered May 01 '23 at 15:28

Basheer AL-MOMANI

14,473
9
96
92

score 0 · Answer 57 · answered Jul 11 '23 at 17:00

For those who dont want to play around with node versions. Project is electron app, with webpack 4.x version.

Some encodings and hash alorithms does not match. I played few hours to find matching pair for my node and dependecies I use.

Simply add to webpack config output section hashFunction and hashDigest output:{ hashFunction :'sha256', hashDigest:'base64' }

score 0 · Answer 58 · answered Jul 27 '23 at 11:58

0

I had the same error when I was migrating react js project to support typescript.

delete node_module folder
run npm install command
run npm audit fix --force command
try to start server
this worked for me

answered Jul 27 '23 at 11:58

Chandrakant shinde

31
5

This does not really answer the question. If you have a different question, you can ask it by clicking [Ask Question](https://stackoverflow.com/questions/ask). To get notified when this question gets new answers, you can [follow this question](https://meta.stackexchange.com/q/345661). Once you have enough [reputation](https://stackoverflow.com/help/whats-reputation), you can also [add a bounty](https://stackoverflow.com/help/privileges/set-bounties) to draw more attention to this question. - [From Review](/review/late-answers/34754819) – Ram Chander Aug 03 '23 at 04:33

score -3 · Answer 59 · edited May 11 '23 at 14:43

-3

Switching to a different version of Node.js also works. In my case, I switched from v19.2.0 to v15.14.0.

edited May 11 '23 at 14:43

Peter Mortensen

30,738
21
105
131

answered Jan 19 '23 at 18:24

htmgarcia

5
2

Guilherme Machado · Answer 60 · 2023-05-21T16:50:35.143

-4

Downgrade your Node.js version to 16.19.1.

Node.js 16.19.1

This fixes my problem.

edited May 21 '23 at 16:50

answered Apr 12 '23 at 14:25

Guilherme Machado

355
1
3

Upvoted. Also works for me. I think this answer is useful; using Node 16 (although v18+ are the currently stable releases) is a viable solution if someone just wants to use Node as a static site generator that works in an isolated CI/CD environment (e.g. nodejs + vuepress). – knb Jun 21 '23 at 12:29

Error message "error:0308010C:digital envelope routines::unsupported"

60 Answers60

Danger

Reason For The Error

The Correct (safe) Solution (for npm users)

Note for Yarn users

A less heavy-handed (also correct) solution for Webpack

Updated december 2022

System-level OpenSSL workaround

What is the underlying cause?

Windows

Windows

Linked

Related