3 min read.

This article explains how to fix an annoying error – somewhat along the lines of “error:0308010C:digital envelope routines::unsupported” – you might encounter when running node scripts. This might happen in a pipeline or locally. And guess what: you can probably fix it.

Alright. Let’s get to it, then!

Problem

Table of Contents

So I still get to code something occasionally (despite being a part of the cursed middle management now), and not a week goes by without yours truly breaking the build (or the build environment, or the dev environment)!

When running a node build script (for your reference – this can be a command something like “npm run build” or “npm run serve”, and the actual tool and command to execute is likely defined in a package.json file).

ModuleBuildError: Module build failed (from ./node_modules/babel-loader/lib/index.js):
Error: error:0308010C:digital envelope routines::unsupported
    at new Hash (node:internal/crypto/hash:69:19)
    at Proxy.createHash (node:crypto:138:10)
    at filename (C:\code\Contoso\AdventureWorks.Web\node_modules\babel-loader\lib\cache.js:94:23)
    at C:\code\Contoso\AdventureWorks.Web\node_modules\babel-loader\lib\cache.js:122:39
    at Generator.next (<anonymous>)
    at asyncGeneratorStep (C:\code\Contoso\AdventureWorks.Web\node_modules\babel-loader\lib\cache.js:3:103)
    at _next (C:\code\Contoso\AdventureWorks.Web\node_modules\babel-loader\lib\cache.js:5:194)
    at C:\code\Contoso\AdventureWorks.Web\node_modules\babel-loader\lib\cache.js:5:364
    at new Promise (<anonymous>)
    at C:\code\Contoso\AdventureWorks.Web\node_modules\babel-loader\lib\cache.js:5:97
    at processResult (C:\code\Contoso\AdventureWorks.Web\node_modules\webpack\lib\NormalModule.js:751:19)
    at C:\code\Contoso\AdventureWorks.Web\node_modules\webpack\lib\NormalModule.js:853:5
    at C:\code\Contoso\AdventureWorks.Web\node_modules\loader-runner\lib\LoaderRunner.js:400:11
    at C:\code\Contoso\AdventureWorks.Web\node_modules\loader-runner\lib\LoaderRunner.js:252:18
    at context.callback (C:\code\Contoso\AdventureWorks.Web\node_modules\loader-runner\lib\LoaderRunner.js:124:13)
    at C:\code\Contoso\AdventureWorks.Web\node_modules\babel-loader\lib\index.js:55:103

If you run into this in a Docker container build step in your CI pipeline, it might look somewhat like below:

Error: error:0308010C:digital envelope routines::unsupported
    at new Hash (node:internal/crypto/hash:71:19)
    at Object.createHash (node:crypto:133:10)
    at module.exports (/app/node_modules/webpack/lib/util/createHash.js:135:53)
    at NormalModule._initBuildHash (/app/node_modules/webpack/lib/NormalModule.js:417:16)
    at /app/node_modules/webpack/lib/NormalModule.js:452:10
    at /app/node_modules/webpack/lib/NormalModule.js:323:13
    at /app/node_modules/loader-runner/lib/LoaderRunner.js:367:11
    at /app/node_modules/loader-runner/lib/LoaderRunner.js:233:18
    at context.callback (/app/node_modules/loader-runner/lib/LoaderRunner.js:111:13)
    at /app/node_modules/babel-loader/lib/index.js:59:103 {
  opensslErrorStack: [ 'error:03000086:digital envelope routines::initialization error' ],
  library: 'digital envelope routines',
  reason: 'unsupported',
  code: 'ERR_OSSL_EVP_UNSUPPORTED'
}

Alright. So that’s the error.

What gives?

Reason

Node has, from version 17 onwards, moved to OpenSSL 3, in favor of OpenSSL 1.1.1 used in earlier versions. And for a good reason, too – OpenSSL 1.1.1 is unsupported as of 11.9.2023.

OpenSSL 3 being a major update means it is also not completely backwards compatible.

If your build toolchain is relying on OpenSSL 1.1.1, but your node version is >=17, you might run into all kinds of oddities. Just like I did.

Solution

There’s a few different things you can do. And some of them work for some toolchains and build pipelines, and the others work for different ones. So let’s take a look at our options.

Time needed: 20 minutes

How to fix “error:0308010C:digital envelope routines::unsupported”?

Add environment variable to force Node to use legacy provider
This might be the least invasive option – try adding an environment variable called “NODE_OPTIONS” (if you don’t have one already) with a value “–openssl-legacy-provider” (or concatenate it if a property already existed.

Or you can add it to your .env file:
NODE_OPTIONS="--openssl-legacy-provider"

Didn’t work? No worries, that was just the first thing to try!
Upgrade your build chain
So your tools or dependencies might secretly (or openly) be using some cryptographic functions that OpenSSL 3 does not support anymore.

Probably the most kosher way to fix this is to actually go through your build steps and tools and make sure you’re only using updated dependencies and nothing relies on years-old versions of OpenSSL.

But if you don’t have the time to do all that now… More options below:
If you’re running react-scripts, add --openssl-legacy-provider parameter
If react-scripts is what you’re running for your build, it has a built-in parameter to switch to using the 1.1.1 version under the hood.

Again – this is an unsupported OpenSSL version. But if it fixes the build now…

react-scripts --openssl-legacy-provider build

Well, and then the most extreme (and not super strongly recommended) but easy option…
Downgrade your node
Another option is to downgrade your node version to <17.0.0. You should probably not do that, because OpenSSL 1.1.1 is now unsupported.

But… It might fix your build for now, without you having to work through the dependencies of your build tooling.

So using nvm or by deleting your new node version and reinstalling an older one, use node 16 or older.

My particular project had a particular build toolchain that had some weird dependencies that did not support OpenSSL 3 – so I ended up temporarily downgrading node using nvm. I actually had to go all the way to node v14.16.0, by running this:

nvm use 14.16.0

I figured our tooling for newer projects actually supports OpenSSL 3 properly, but this was a… Well, let’s call it a “legacy project”. We all have some skeletons in the closet… :)

References

https://stackoverflow.com/questions/73144960/error-error0308010cdigital-envelope-routinesunsupported-at-new-hash-nodei

Author
Recent Posts

Antti K. Koskela

Developer / Speaker / Consultant at Koskila / Precio Fishbone / Norppandalotti Software Co / Alter - Experience Ideas Ltd

Antti Koskela is a proud digital native nomadic millennial full stack developer (is that enough funny buzzwords? That's definitely enough funny buzzwords!), who works as Solutions Architect for Precio Fishbone, building delightful Digital Workplaces.

He's been a developer from 2004 (starting with PHP and Java), and he's been working on .NET projects, Azure, Office 365, SharePoint and a lot of other stuff. He's also Microsoft MVP for Azure.

This is his personal professional (e.g. professional, but definitely personal) blog.

Latest posts by Antti K. Koskela (see all)

“Performing cleanup” – Excel is stuck with an old, conflicted file and will never recover. - November 12, 2024
How to add multiple app URIs for your Entra app registration? - November 5, 2024
How to access Environment Secrets with GitHub Actions? - October 29, 2024

0 0 votes

Article Rating

#SharePointProblems

Solutions are worthless unless shared! Antti K. Koskela's Personal Professional Blog

node build throwing “error:0308010C:digital envelope routines::unsupported”? Let’s fix it!

Problem

Reason

Solution

References

Posts Related to "node build throwing "error:0308010C:digital envelope routines::unsupported"? Let's fix it!":