Fix error:0308010C:digital envelope routines::unsupported

By /

If you are using Node JS version 17 to run your javascript application using CLI like vue-cli-service, Webpack or create-react-app, then you might come across the “error:0308010C:digital envelope routines::unsupported” error. This error occurs because of the changes made to the Node.js v17 to fix a security issue in the SSL provider.

Error: error:0308010C:digital envelope routines::unsupported

In this article, we will see the main reason for the error and what are the different solutions we can find to fix this error.

What causes the “error:0308010C:digital envelope routines::unsupported” error ?

The reason for the error is that in Node.js v17 the developers fixed a security issue in the SSL (Secure Socket Layer) provider and started supporting OpenSSL version 3 by default. This caused breaking changes in the SSL packages in NPM.

Webpacks and other command line tools use “Md4” as the hashing algorithm to create file hashes that keep track of the changes we make in our JS files. But with the upgrade of Node.js to version 17, OpenSSL 3.0 moved this “MD4” algorithm into OpenSSL’s legacy provider.

Now in Node.js v17, the OpenSSL v3.0 does not load/enable the “MD4” hashing algorithm by default. So, now after the upgrade of your node version, if you try to build your javascript app (Angular, Vue or React), you will encounter this error.

How to solve “digital envelope routines::unsupported” error?

There are different solutions to fix this “error:0308010C” error. These solutions can be applied even if you are using command-line interface solutions like create-react-app, vue-cli-service, or angular JS.

The first two solutions will be the recommended way because you don’t have to downgrade your Node.js version. And the other solutions are kinda hacks that do resolve the error but they will contain some security issues.

Solution 1: Update all your npm packages in your project

If you want to keep using Node.js version 17 and above then this is the safe and recommended way to resolve the error.

To resolve the “error:0308010C:digital envelope routines::unsupported” error, you have to update all the npm packages in your project.

You can upgrade the npm packages using the following command:

npm upgrade

If that does not resolve then use this command:

npm audit fix --force

The npm audit fix --force upgrades all the dependencies with issues to it’s major version. However, you have to be careful using this command become sometimes it might create more breaking changes in your code.

Solution 2: Upgrade to Webpack 5 (Latest Version)

The error was fixed in Webpack version 5, so if you are using an older version of Webpack (example Webpack v4) then you need to upgrade your Webpack version to v5.61.0. Here is the GitHub thread on the fixed: nodejs 17: digital envelope routines::unsupported

To install the latest version of Webpack use the following command:

npm install webpack@latest

Note: It is important to note that if you are using create-react-app or vue-cli to create your javascript application then this solution might not work. You can follow the other solution given below for them.

Solution 3: Add –openssl-legacy-provider flag to your build script

Even though OpenSSL version 3 has moved “md4” to its legacy category and does not enable it by default, you can still use it using the --openssl-legacy-provider flag.

You have to add the flag to your build script to enable the “md4” or any other legacy algorithm.

If you are using Vue js:

{
    "scripts": {
        "serve": "vue-cli-service serve --openssl-legacy-provider"
    },
}

And if you are using react then add it to your start script, like this:

{
    "scripts":{
        "start":"react-scripts start --openssl-legacy-provider"
    }
}

Now it will enable legacy provider and you can build your application without any Node error.

Troubleshoot:

If “node: –openssl-legacy-provider is not allowed in NODE_OPTIONS” error occurs while building or serving the app, then you have to set the NODE_OPTIONS environment variable to “–openssl-legacy-provider”.

To set the NODE_OPTIONS environment variable, use the following command:

# For Linux and MacOS
export NODE_OPTIONS=--openssl-legacy-provider

# For Windows Command Prompt (CMD)
set NODE_OPTIONS=--openssl-legacy-provider

# For Windows PowerShell
$env:NODE_OPTIONS="--openssl-legacy-provider"

# For Docker (Dockerfile) 
ENV NODE_OPTIONS="--openssl-legacy-provider"

Or you can directly set the NODE_OPTIONS from the script tag in your package.json file. To do so, all the following in your build scripts:

{
    "scripts": {
        "serve": "SET NODE_OPTIONS=--openssl-legacy-provider && vue-cli-service serve",
        "build": "SET NODE_OPTIONS=--openssl-legacy-provider && vue-cli-service build"
    },
}

You can read about the issue and the possible solution here: Error: Unknown argument: openssl-legacy-provider

Solution 4: Upgrade your react-scripts to version 5.

Now, if the above solution did not fix your error in react then you need to upgrade your react-script to version 5 and above.

The latest react-script version uses the “MD5” algorithm to hash your javascript file into chunks.

To upgrade to version 5, you can uninstall the current version using the command:

npm uninstall react-scripts

And then to install the latest version of the react-scripts, type:

npm install [email protected]

Now start your react app using the npm start command and your error will be resolved.

If you get any issues installing the latest version of react-script, then you can add it manually too.

To manually upgrade your react-scripts package to version 5, do the following:

  1. First, change the react-scripts version to 5.0.1 (latest version) in your package.json file.
  2. Next, delete node_modules folder and package-lock.json file.
  3. Finally, run npm install or yarn add, to reinstall all the dependencies for your react application.
error:0308010C:digital envelope routines node error

Get the changelog of the latest react-scripts version here: CHANGELOG

Solution 5: Use the Latest LTS version of Node.js

Always use the LTS version of Node.js. The error will occur if you are using a non-LTS version of Node.js.

The best option will be to upgrade your node version to Node.js v18.0 LTS. You can download the NodeJs v18 from the Node Official Website: Download Node.js 18.

If you are using nvm (Node Version Manager) then use the command:

nvm install 18.16.0

nvm use 18.16.0

Now, even after installing the latest LTS version if you are getting the “error:0308010C:digital envelope routines::unsupported” error, then here are two troubleshooting that was given by Stackoverflow users.

Troubleshoot 1:

Set the NODE_OPTIONS environment variable to --openssl-legacy-provider as shown in Solution 3. In Windows, go to the command prompt and type:

set NODE_OPTIONS=--openssl-legacy-provider

After that, run npm start to start your react application and this should solve the error.

Troubleshoot 2:

If you are still getting the error after installing the Node v18 LTS version, then upgrade the npm packages using :

npm audit fix --force

Keep in mind that this command will upgrade dependencies to its major version which might cause more breaking changes in your code. If you don’t want to take the risk, then the last option would be downgrading to the Node.js V16 LTS version.

Solution 6: Downgrade to an older version: Node.js V16

If all the above-given solutions didn’t solve the error, then the last option is to downgrade Node to version 16.

If you are using nvm (Node Version Manager), then do the following:

# Install version 16 LTS version
nvm install 16.20.0

# use Node 16.20.0

nvm use 16.20.0

Note: You can confirm the correct version using node -v in the command prompt.

Next, delete node_modules folder and package-lock.json file. And run the command npm install to re-install all your npm packages and rebuilt your application.

Now, when you run your npm start command the error will be resolved.

Conclusion:

The “0308010c: digital envelope routines::unsupported” error occurs because, with the update of Node.js version 17, the Webpack’s “MD4” algorithm is no longer supported and is moved to OpenSSL’s 3.0 legacy provider.

This is short summary of the steps that you can take to resolve the issue in the latest version of Node.js.

  1. Install the Latest LTS Version of Node.
  2. Upgrade your npm packages using npm upgrade or npm audit fix --force
  3. Update your Webpack version to version 5+ (Check Solution 2)
  4. Set NODE_OPTIONS environment variable to --openssl-legacy-provider using set NODE_OPTIONS=--openssl-legacy-provider (CMD command) or $env:NODE_OPTIONS="--openssl-legacy-provider" (PowerShell). Check Solution 3 for more.
  5. Add the --openssl-legacy-provider flag to your build script. (Check solution 3)
  6. Next run your build script, for example npm start (in the case of react app) and your error will be fixed.

If you don’t want to use the latest version of Node.js, then downgrading to Node v16 is the only option.

Hope the solutions helped you to fix this annoying error and you can now continue working on your project.

Related Articles:

Resolve Npm Cannot Find Module Error In Nodejs

How To Fix “Npm ERR Cb() Never Called” | Quick Fix

How To Clear Cache In Npm?

npm WARN : No description field in Node – Fix

NVM Error – exit status 1: Access is denied – Fixed

Solving “npm not recognized as an internal or external command” Error

(Fixed) npm ERR! missing script: start error

npm WARN package.json: No repository field – Fix

Related Posts

Scroll to Top