How to fix the 'ERR_OSSL_EVP_UNSUPPORTED' error when doing 'npm start' within reactjs application

Feb 5, 2025

Cowrie

Dev @ Bswen

1. Purpose

In this post, I will demonstrate how to resolve the following issue when using npm start to start a React.js application:

Starting the development server...

/Users/bswen/js-projects/my-app/node_modules/react-scripts/scripts/start.js:19
  throw err;
  ^

Error: error:0308010C:digital envelope routines::unsupported
    at new Hash (node:internal/crypto/hash:67:19)
    at Object.createHash (node:crypto:130:10)
    at module.exports (/Users/bswen/js-projects/my-app/node_modules/webpack/lib/util/createHash.js:135:53)
    at NormalModule._initBuildHash (/Users/bswen/js-projects/my-app/node_modules/webpack/lib/NormalModule.js:417:16)
    at /Users/bswen/js-projects/my-app/node_modules/webpack/lib/NormalModule.js:452:10
    at /Users/bswen/js-projects/my-app/node_modules/webpack/lib/NormalModule.js:323:13
    at /Users/bswen/js-projects/my-app/node_modules/loader-runner/lib/LoaderRunner.js:367:11
    at /Users/bswen/js-projects/my-app/node_modules/loader-runner/lib/LoaderRunner.js:233:18
    at context.callback (/Users/bswen/js-projects/my-app/node_modules/loader-runner/lib/LoaderRunner.js:111:13)
    at /Users/bswen/js-projects/my-app/node_modules/babel-loader/lib/index.js:59:103 {
  opensslErrorStack: [ 'error:03000086:digital envelope routines::initialization error' ],
  library: 'digital envelope routines',
  reason: 'unsupported',
  code: 'ERR_OSSL_EVP_UNSUPPORTED'
}

Node.js v17.1.0
➜  my-app git:(master) ✗

The core error message is:

Error: error:0308010C:digital envelope routines::unsupported
 opensslErrorStack: [ 'error:03000086:digital envelope routines::initialization error' ],
  library: 'digital envelope routines',
  reason: 'unsupported',
  code: 'ERR_OSSL_EVP_UNSUPPORTED'

How to solve this issue?

2. Environment

• Node.js version: v17.1.0
• npm version: npm: ‘8.1.2’

3. The solution

3.1 Solution #1

Just execute this from command line:

export NODE_OPTIONS=--openssl-legacy-provider

Then run:

npm start

What is openssl-legacy-provider?

The OpenSSL legacy provider supplies OpenSSL implementations of algorithms that have been deemed legacy. Such algorithms have commonly fallen out of use, have been deemed insecure by the cryptography community, or something similar. We can consider this the retirement home of cryptographic algorithms.

For node.js version v17, it has some claims about this issue:

OpenSSL 3.0

Node.js now includes OpenSSL 3.0, specifically quictls/openssl which provides QUIC support. With OpenSSL 3.0 FIPS support is again available using the new FIPS module. For details about how to build Node.js with FIPS support please see BUILDING.md.

While OpenSSL 3.0 APIs should be mostly compatible with those provided by OpenSSL 1.1.1, we do anticipate some ecosystem impact due to tightened restrictions on the allowed algorithms and key sizes.

If you hit an ERR_OSSL_EVP_UNSUPPORTED error in your application with Node.js 17, it’s likely that your application or a module you’re using is attempting to use an algorithm or key size which is no longer allowed by default with OpenSSL 3.0. A command-line option, --openssl-legacy-provider, has been added to revert to the legacy provider as a temporary workaround for these tightened restrictions.

For details about all the features in OpenSSL 3.0 please see the OpenSSL 3.0 release blog.

3.2 Solution #2

Downgrade your node.js to v16 like this:

$ npm install -g n
$ n 16.13.0

3.3 The reason of the issue

The reason is clear, we are using a old version of SSL algorithm that is no longer supported in new openssl version.

4. Summary

In this post, I demonstrated how to solve the ERR_OSSL_EVP_UNSUPPORTED error when using npm start to start a react.js application, the key problem is the incompatibility between node.js v17 and openssl v3, so the solution is either to workaround the issue by providing a special environment variable or to downgrade your node.js. That’s it, thanks for your reading.

Final Words + More Resources

My intention with this article was to help others who might be considering solving such a problem. So I hope that’s been the case here. If you still have any questions, don’t hesitate to ask me by email: Email me

Here are also the most important links from this article along with some further resources that will help you in this scope:

• 👨‍💻 BUILDING.md
• 👨‍💻 OpenSSL 3.0 release blog

Oh, and if you found these resources useful, don’t forget to support me by starring the repo on GitHub!

Tags:

• reactjs
• nodejs
• openssl

How to resolve the `Could not download` github because of a connectivity issue between your machine and GitHub problem?

How to resolve 'Cannot find module' or MODULE_NOT_FOUND error when using 'npm start'