Search code examples
node.jsreactjswebpack

Error message "error:0308010C:digital envelope routines::unsupported"

I created the default IntelliJ IDEA React project and got this:

Error: error:0308010C:digital envelope routines::unsupported
    at new Hash (node:internal/crypto/hash:67:19)
    at Object.createHash (node:crypto:130:10)
    at module.exports (/Users/user/Programming Documents/WebServer/untitled/node_modules/webpack/lib/util/createHash.js:135:53)
    at NormalModule._initBuildHash (/Users/user/Programming Documents/WebServer/untitled/node_modules/webpack/lib/NormalModule.js:417:16)
    at handleParseError (/Users/user/Programming Documents/WebServer/untitled/node_modules/webpack/lib/NormalModule.js:471:10)
    at /Users/user/Programming Documents/WebServer/untitled/node_modules/webpack/lib/NormalModule.js:503:5
    at /Users/user/Programming Documents/WebServer/untitled/node_modules/webpack/lib/NormalModule.js:358:12
    at /Users/user/Programming Documents/WebServer/untitled/node_modules/loader-runner/lib/LoaderRunner.js:373:3
    at iterateNormalLoaders (/Users/user/Programming Documents/WebServer/untitled/node_modules/loader-runner/lib/LoaderRunner.js:214:10)
    at iterateNormalLoaders (/Users/user/Programming Documents/WebServer/untitled/node_modules/loader-runner/lib/LoaderRunner.js:221:10)
/Users/user/Programming Documents/WebServer/untitled/node_modules/react-scripts/scripts/start.js:19
  throw err;
  ^

It seems to be a recent issue - webpack ran into this 4 days ago and is still working on it.

Solution

  • The error comes from your dependency relying on an obsolete version of SSL, so you have two good, and two questionable-at-best options:

    1. Try to just reinstall your dependency

    • Delete your node_modules folder and rerun npm install. If your dependency relies on compiling against whatever version of Node you have installed, this may immediately fix the problem. This is the least likely solution to work, but may fix the problem without any "real" work on your part so is always worth trying.

    2. Update your dependency

    • Almost all dependencies with this problem have a newer version available that you can install instead. Find out which version of your dependency corresponds to after Node 18 became the LTS version of Node, band uplift your dependency to that version.

    This is, really, the only proper solution: update your dependencies, because just like Node.js itself, they can leave your project vulnerable to attacks and exploits.

    3. Downgrade to Node.js v16.

    • You can downgrade Node itself so that you're using a version that uses the old, insecure, version of LibSSL. That doesn't "solve" the problem of running insecure and potentially exploitable code, of course, but your code will at least run.

    (You can either do that using the official Node installers, or you can use something like nvm. For Windows, use nvm-windows.)

    This is, obviously, a bad idea. As is the next one:

    4. Tell Node to use the legacy OpenSSL provider

    On Unix-like (Linux, macOS, Git bash, etc.):

    export NODE_OPTIONS=--openssl-legacy-provider

    On Windows command prompt:

    set NODE_OPTIONS=--openssl-legacy-provider

    On PowerShell:

    $env:NODE_OPTIONS = "--openssl-legacy-provider"

    When Node 18 had just become the active LTS options 1 and 2 weren't really available, but for anyone still finding this answer, 3 and 4 should no longer be considered serious options in any way.