Webpack build failing with ERR_OSSL_EVP_UNSUPPORTED

Question

I'm having an issue with a Webpack build process that suddenly broke, resulting in the following error...

<s> [webpack.Progress] 10% building 0/1 entries 0/0 dependencies 0/0 modules
node:internal/crypto/hash:67
  this[kHandle] = new _Hash(algorithm, xofLen);
                  ^

Error: error:0308010C:digital envelope routines::unsupported
    at new Hash (node:internal/crypto/hash:67:19)
    at Object.createHash (node:crypto:130:10)
    at BulkUpdateDecorator.hashFactory (/app/node_modules/webpack/lib/util/createHash.js:155:18)
    at BulkUpdateDecorator.update (/app/node_modules/webpack/lib/util/createHash.js:46:50)
    at OriginalSource.updateHash (/app/node_modules/webpack-sources/lib/OriginalSource.js:131:8)
    at NormalModule._initBuildHash (/app/node_modules/webpack/lib/NormalModule.js:888:17)
    at handleParseResult (/app/node_modules/webpack/lib/NormalModule.js:954:10)
    at /app/node_modules/webpack/lib/NormalModule.js:1048:4
    at processResult (/app/node_modules/webpack/lib/NormalModule.js:763:11)
    at /app/node_modules/webpack/lib/NormalModule.js:827:5 {
  opensslErrorStack: [ 'error:03000086:digital envelope routines::initialization error' ],
  library: 'digital envelope routines',
  reason: 'unsupported',
  code: 'ERR_OSSL_EVP_UNSUPPORTED'
}
command terminated with exit code 1

I've tried googling ERR_OSSL_EVP_UNSUPPORTED webpack which yielded almost no useful results, but it did highlight an issue using MD4 as provided by OpenSSL (which is apparently deprecated?) to generate hashes.

The webpack.config.js code is as follows:

const path = require('path');
const webpack = require('webpack');

/*
 * SplitChunksPlugin is enabled by default and replaced
 * deprecated CommonsChunkPlugin. It automatically identifies modules which
 * should be splitted of chunk by heuristics using module duplication count and
 * module category (i. e. node_modules). And splits the chunks…
 *
 * It is safe to remove "splitChunks" from the generated configuration
 * and was added as an educational example.
 *
 * https://webpack.js.org/plugins/split-chunks-plugin/
 *
 */

/*
 * We've enabled TerserPlugin for you! This minifies your app
 * in order to load faster and run less javascript.
 *
 * https://github.com/webpack-contrib/terser-webpack-plugin
 *
 */

const TerserPlugin = require('terser-webpack-plugin');

module.exports = {
    mode: 'development',
    entry: './src/js/scripts.js',

    output: {
        path: path.resolve(__dirname, 'js'),
        filename: 'scripts.js'
    },

    devtool: 'source-map',

    plugins: [new webpack.ProgressPlugin()],

    module: {
        rules: []
    },

    optimization: {
        minimizer: [new TerserPlugin()],

        splitChunks: {
            cacheGroups: {
                vendors: {
                    priority: -10,
                    test: /[\\/]node_modules[\\/]/
                }
            },

            chunks: 'async',
            minChunks: 1,
            minSize: 30000,
            name: 'true'
        }
    }
};

How do I change the hashing algorithm used by Webpack to something else?

Answer 1

I had this problem too. I'd accidentally been running on the latest Node.js (17.0 at time of writing), not the LTS version (14.18) which I'd meant to install. Downgrading my Node.js install to the LTS version fixed the problem for me.

Answer 2

I was able to fix it via:

export NODE_OPTIONS=--openssl-legacy-provider

sachaw's comment to Node.js v17.0.0 - Error starting project in development mode #30078

But they say they fixed it: ijjk's comment to Node.js v17.0.0 - Error starting project in development mode #30078:

Hi, this has been updated in v11.1.3-canary.89 of Next.js, please update and give it a try!

For me, it worked only with the annotation above.

I also want to point out that npm run start works with -openssl-legacy-provider, but npm run dev won't.

It seems that there is a patch: Node.js 17: digital envelope routines::unsupported #14532

I personally downgraded to 16-alpine.

Answer 3

There is a hashing algorithm that comes with Webpack v5.54.0+ that does not rely on OpenSSL.

To use this hash function that relies on a npm-provided dependency instead of an operating system-provided dependency, modify the webpack.config.cjs output key to include the hashFunction: "xxhash64" option.

module.exports = {
    output: {
        hashFunction: "xxhash64"
    }
};

Answer 4

Ryan Brownell's answer is the ideal solution if you are using Webpack v5.54.0+.

If you're using an older version of Webpack, you can still solve this by changing the hash function to one that is not deprecated. (It defaults to the ancient md4, which OpenSSL has removed support for, which is the root cause of the error.) The supported algorithms are any supported by crypto.createHash. For example, to use SHA-256:

module.exports = {
    output: {
        hashFunction: "sha256"
    }
};

Finally, if you are unable to change the Webpack configuration (e.g., if it's a transitive dependency which is running Webpack), you can enable OpenSSL's legacy provider to temporarily enable MD4 during the Webpack build. This is a last resort. Create a file openssl.cnf with this content…

openssl_conf = openssl_init

[openssl_init]
providers = provider_sect

[provider_sect]
default = default_sect
legacy = legacy_sect

[default_sect]
activate = 1

[legacy_sect]
activate = 1

…and then set the environment variable OPENSSL_CONF to the path to that file when running Webpack.