Node.js 17.0.1 Gatsby error - "digital envelope routines::unsupported ... ERR_OSSL_EVP_UNSUPPORTED" [duplicate]
Asked Answered
B

13

190

I am building a Gatsby site. I upgraded Node.js to v17.0.1, and when I run a build, there is an error:

Error: digital envelope routines::unsupported

opensslErrorStack: [ 'error:03000086:digital envelope routines::initialization error' ],
library: 'digital envelope routines',
reason: 'unsupported',
code: 'ERR_OSSL_EVP_UNSUPPORTED'

If I downgrade it to v16, it works fine, and the build will be successful. How can I fix this?

From googling, this may be a similar issue: Error: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt #48

Beadle answered 21/10, 2021 at 16:0 Comment(0)
I
109

This is most likely an issue with webpack.

  • If you are on version 4, this was fixed in version 4.47.0 (release).
  • If you are on version 5, this was fixed in version 5.61.0 (release).

Upgrading webpack to a version beyond what is listed above should address the problem.

See this issue for further discussion when the bug was originally noticed:

Ultimately this was related to webpack using md4 hashes and their fix was to switch to using a WASM implementation of the md4 algorithm rather than node's builtin (of which node's relies on OpenSSL, hence the error).

Note that while a member of the webpack team had stated they did not plan to backport the fix to webpack 4, version v4.47.0 nonetheless included a custom md4 implementation to bring support for Node 18 and above.


Original Response:

Gatsby / the tooling used in Gatsby must be using a cryptographic algorithm or key size which is no longer allowed by default with OpenSSL 3.0.

From Node.js 17's announcement post:

If you hit an ERR_OSSL_EVP_UNSUPPORTED error in your application with Node.js 17, it’s likely that your application or a module you’re using is attempting to use an algorithm or key size which is no longer allowed by default with OpenSSL 3.0. A new command-line option, --openssl-legacy-provider, has been added to revert to the legacy provider as a temporary workaround for these tightened restrictions.

Running this on the terminal might look like:

node --openssl-legacy-provider ./node_modules/.bin/gatsby build

You can also pass this in via the NODE_OPTIONS environment variable.

So if you'd like to continue using the NPM script, you can change the build script to:

// package.json
{
  "scripts": {
    "build": "NODE_OPTIONS=--openssl-legacy-provider gatsby build"
  }
}
Irade answered 21/10, 2021 at 16:9 Comment(3)
This command does get rid of the error: node --openssl-legacy-provider ./node_modules/.bin/gatsby build Thanks a lot! Does it mean that it is down to Gatsby team (or even any modules it depends) to fix the issue in future?Beadle
Yes, from the error you posted, I can't be sure if it is gatsby directly or a module they are consuming. I imagine they'll have a bugfix release for this in the near future.Irade
I upgraded webpack from 5.35.1 to 5.61.0 and it resolved my problem, thanks a lotWindow
M
307

This might help. Add these scripts in the package.json file.

React:

"scripts": {
    "start": "export SET NODE_OPTIONS=--openssl-legacy-provider && react-scripts start",
    "build": "export SET NODE_OPTIONS=--openssl-legacy-provider && react-scripts build"
}

If you are on Windows and you are using React.js you can use set instead of export in your scripts as follows:

"scripts": {
    "start": "set SET NODE_OPTIONS=--openssl-legacy-provider && react-scripts start",
    "build": "set SET NODE_OPTIONS=--openssl-legacy-provider && react-scripts build"
}

or

"scripts": {
    "start": "react-scripts --openssl-legacy-provider start",
    "build": "react-scripts --openssl-legacy-provider build",
}

Vue.js:

"scripts": {
    "serve": "export NODE_OPTIONS=--openssl-legacy-provider && vue-cli-service serve",
    "build": "export NODE_OPTIONS=--openssl-legacy-provider && vue-cli-service build",
    "lint": "export NODE_OPTIONS=--openssl-legacy-provider && vue-cli-service lint"
},

If you are on Windows and you are using Vue.js you can use set instead of export in your scripts as follows:

"scripts": {
    "serve": "set NODE_OPTIONS=--openssl-legacy-provider && vue-cli-service serve",
    "build": "set NODE_OPTIONS=--openssl-legacy-provider && vue-cli-service build",
    "lint": "set NODE_OPTIONS=--openssl-legacy-provider && vue-cli-service lint"
},

or

"scripts": {
    "serve": "vue-cli-service --openssl-legacy-provider serve",
    "build": "vue-cli-service --openssl-legacy-provider build",
    "lint": "vue-cli-service --openssl-legacy-provider lint"
},

Angular:

"scripts": {
 "start": "set NODE_OPTIONS=--openssl-legacy-provider  && gulp buildDev && ng serve ",
 "publish": "set NODE_OPTIONS=--openssl-legacy-provider  && gulp build && ng build --prod",
},
Mechanize answered 27/10, 2021 at 22:58 Comment(6)
How to start development serve after these changes in vue?Taal
The same as before: npm run serveSphery
He, thanks alot for this. i have a simple question, what really causes this problem.Ponytail
just run this command, inside the project root. export NODE_OPTIONS=--openssl-legacy-providerGirdle
This worked, but I still do not understand the what the issue was. What caused this?Agraffe
I'm using yarn and my package.json contains this command: "build-dev": "yarn install && webpack --config ./Config/webpack.config.dev.js --colors", How can I apply the fix here? Everything I tried did not workShavonneshaw
B
211

Quick fix: Run this in a terminal inside your React project.

export NODE_OPTIONS=--openssl-legacy-provider
Burn answered 25/11, 2021 at 19:42 Comment(9)
worked here with node v17 for Mastodon server. Thx!Flinger
Where does that go? In a script file? Manually in a terminal? When should it be applied? In what context? What should be run afterwards in that terminal? What do you mean by "Run this in a terminal inside your React project"? In what environment? In a Visual Studio Code context? Something else? Can you elaborate? Please respond by editing (changing) your answer, not here in comments (without "Edit:", "Update:", or similar - the answer should appear as if it was written today).Plunkett
@PeterMortensen Run this in a terminal inside your React project. eg: cd book_react_app export NODE_OPTIONS=--openssl-legacy-provider @PeterMortensen Can you suggest an edit if this is not clear? Thank youBurn
node: --openssl-legacy-provider is not allowed in NODE_OPTIONSHelmut
What did I write about not here in comments?Plunkett
worked for me for an lwc/express server.Vacla
work for me on react native project. Using Node.js v18.13.0Hachure
Oh man, thank you! I've been dealing with this for hours! Again, Thank you!Cooperman
No idea what it did but it worked. Can someone please explain? I don't see anything in source control so not quite sure what happened hereChiapas
I
109

This is most likely an issue with webpack.

  • If you are on version 4, this was fixed in version 4.47.0 (release).
  • If you are on version 5, this was fixed in version 5.61.0 (release).

Upgrading webpack to a version beyond what is listed above should address the problem.

See this issue for further discussion when the bug was originally noticed:

Ultimately this was related to webpack using md4 hashes and their fix was to switch to using a WASM implementation of the md4 algorithm rather than node's builtin (of which node's relies on OpenSSL, hence the error).

Note that while a member of the webpack team had stated they did not plan to backport the fix to webpack 4, version v4.47.0 nonetheless included a custom md4 implementation to bring support for Node 18 and above.


Original Response:

Gatsby / the tooling used in Gatsby must be using a cryptographic algorithm or key size which is no longer allowed by default with OpenSSL 3.0.

From Node.js 17's announcement post:

If you hit an ERR_OSSL_EVP_UNSUPPORTED error in your application with Node.js 17, it’s likely that your application or a module you’re using is attempting to use an algorithm or key size which is no longer allowed by default with OpenSSL 3.0. A new command-line option, --openssl-legacy-provider, has been added to revert to the legacy provider as a temporary workaround for these tightened restrictions.

Running this on the terminal might look like:

node --openssl-legacy-provider ./node_modules/.bin/gatsby build

You can also pass this in via the NODE_OPTIONS environment variable.

So if you'd like to continue using the NPM script, you can change the build script to:

// package.json
{
  "scripts": {
    "build": "NODE_OPTIONS=--openssl-legacy-provider gatsby build"
  }
}
Irade answered 21/10, 2021 at 16:9 Comment(3)
This command does get rid of the error: node --openssl-legacy-provider ./node_modules/.bin/gatsby build Thanks a lot! Does it mean that it is down to Gatsby team (or even any modules it depends) to fix the issue in future?Beadle
Yes, from the error you posted, I can't be sure if it is gatsby directly or a module they are consuming. I imagine they'll have a bugfix release for this in the near future.Irade
I upgraded webpack from 5.35.1 to 5.61.0 and it resolved my problem, thanks a lotWindow
C
32

This issue comes with the new update of Node.js 17. In React you can change the script attribute in the package.json file to:

"scripts": {
    "start": "react-scripts --openssl-legacy-provider start",
    "build": "react-scripts --openssl-legacy-provider build",
    "test": "react-scripts test",
    "eject": "react-scripts eject"
}
Clairvoyant answered 10/11, 2021 at 17:52 Comment(1)
is there a way to make this work with older and newer versions of node? if you run this with an older version of node, then it throws an error saying the command line flag is not recognizedShuffle
C
21

I also had the same problem, so I just degraded the Node.js version:

  • Uninstall Node.js

  • Then download and install 16.13.0.

Contract answered 27/10, 2021 at 2:33 Comment(2)
you can also utilize nvm to switch among node versionsStauder
I strongly recommend using nvm in every platform because you will have to switch from one to another for some reasons... Managing it manually is much easier than uninstalling etc...Bobbe
S
12

I think there are two solutions for this error we encountered after the new Node.js update.

  1. Downgrade Node.js

  2. node_modules\react-scripts\config\webpack.config.js - you should add this code inside the .js file you find here:

        const crypto = require("crypto");
        const crypto_orig_createHash = crypto.createHash;
        crypto.createHash = algorithm => crypto_orig_createHash(algorithm == "md4" ? "sha256" : algorithm);
Stralka answered 28/10, 2021 at 22:53 Comment(3)
none of the downgrade/export fixes worked! but this worked for me. i think ill use this fix temporarily until I reinstall my OS (it happened after I upgraded to fedora 36).Loveless
2nd solution worked for me, 1st would've also worked, just don't this downgrading is a good idea.Nordine
This 2nd solution worked for me as well, setting the hash option in Webpack wasn't sufficient, maybe due to scss using the function as well?Camara
D
6

Use it as a build command for Vue.js 3 and Node.js v17.0.1:

cross-env NODE_OPTIONS='--openssl-legacy-provider' vue-cli-service build"
Distiller answered 7/1, 2022 at 23:9 Comment(1)
Why the double quote? (At the end.)Plunkett
S
5

Rajiv's approach seems right as a workaround, but the syntax didn't worked for me in Vue.js. What worked was without the keyword "SET":

  "scripts": {
    "serve": "NODE_OPTIONS=--openssl-legacy-provider && vue-cli-service serve",
    "build": "NODE_OPTIONS=--openssl-legacy-provider && vue-cli-service build",
    "test:unit": "NODE_OPTIONS=--openssl-legacy-provider && vue-cli-service test:unit",
    "lint": "NODE_OPTIONS=--openssl-legacy-provider && vue-cli-service lint"
  },
Strophe answered 28/10, 2021 at 14:21 Comment(0)
E
4

I have uninstalled my Node.js version 17.0.1 through the control panel.

Then I downloaded the Node.js version 16.13.1 from the nodejs.org and installed it, and then React Native starts and builds fine.

Electrobiology answered 14/12, 2021 at 3:1 Comment(1)
Re "control panel": On Windows?Plunkett
N
4

I have faced this similar issue in version 17.3.0.

  1. I have uninstalled Node.js and installed version 16.13.0 and restarted.
  2. By running in the new terminal, it got fixed.
Nolita answered 5/1, 2022 at 15:57 Comment(1)
This does not provide an answer to the question. Once you have sufficient reputation you will be able to comment on any post; instead, provide answers that don't require clarification from the asker. - From ReviewBronez
G
0

I was facing the same issue with an Angular application on server -

  1. I just downgraded the Node.js version locally to 14
  2. The Docker image replaced with version 14.18.1. Earlier it was Alpine Linux

You can find more details in Node.js' latest release documentation.

Geraldine answered 28/10, 2021 at 17:10 Comment(1)
opensslErrorStack: [ 'error:03000086:digital envelope routines::initialization error' ], library: 'digital envelope routines', reason: 'unsupported', code: 'ERR_OSSL_EVP_UNSUPPORTED' } how to fix this on yarn projectCockatiel
S
0

While patching with --openssl-legacy-provider is more of a hack and a real solution would be to fix OpenSSL key size usage in Vue.js, React, etc.; a temporal workaround may be using an older version of Node.js indeed.

But I'd suggest not to downgrade Node.js; rather install NVM (main/win: nvm-windows/nodist/nvs, the last one being cross-platform) and switch between versions on demand.

Slotnick answered 7/2, 2022 at 8:16 Comment(0)
E
0

I think you should downgrade your Node.js or use nvm to switch between Node.js versions. I did this and React worked fine.

Extant answered 13/2, 2022 at 4:42 Comment(2)
Your answer could be improved with additional supporting information. Please edit to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers in the help center.Quire
try $env:NODE_OPTIONS="--openssl-legacy-provider --max-old-space-size=10000"Moyer

© 2022 - 2024 — McMap. All rights reserved.