Node.js crypto fails to sign pem key string from file with error:25066067:DSO support routines:dlfcn_load:could not load the shared library

Question

I have two node projects running side by side in my Git directory.

Same version of node 14.5, same pem key in root, same everything. Yet, one node process is able to sign my base64 pem key and the other is not. I can remove the base64 setting and still one process signs, the other doesn't.

I get this error message from the sign.sign() method.

error:25066067:DSO support routines:dlfcn_load:could not load the shared library

The code is as follows:

const crypto = require('crypto');

var policy = {
 Statement: [
  {
   Resource: 'https://dev.geolytix.io/mapp/workspace.json',
   Condition: { DateLessThan: { 'AWS:EpochTime': Date.now() + 60 * 60 * 1000 } },
  },
 ],
};
  
var sign = crypto.createSign('RSA-SHA1');

sign.write(JSON.stringify(policy));

var pem = String(readFileSync(join(__dirname, `./mykey.pem`)))

let signature = sign.sign(pem, 'base64')

I noticed the problem occuring after updating my OS to Ubuntu 22.04.

I have purged openssl (version 3) and manually installed openssl 1.1.1o from source. https://fedingo.com/how-to-install-openssl-in-ubuntu/ Unfortunately that will remove other apps like Chrome which require a newer version of OpenSSL.

I was now able to manually build and install openssl 3.0.3. The crypto module still fails.

Answer 1

As a quick fix, run:

export OPENSSL_CONF=/dev/null

Alternatively, upgrade your node to at least v18.x.

---

Both answers are taken from the comments. What I really wanted to add is how to set the OPENSSL_CONF in Heroku environments. In your app Settings, under "Config Vars" do: