[Fix] error:0308010C:digital envelope routines::unsupported

The “error:0308010C:digital envelope routines::unsupported” is typically encountered in Node.js environments, especially after upgrading to Node.js version 17 or later. This error occurs due to Node.js switching the default hashing algorithm used by OpenSSL from “legacy PROVIDER” to “default” in Node.js versions 17+. The error signifies that the cryptographic operations attempted by OpenSSL are relying on an algorithm that is no longer supported in the default provider.

Table of Contents

• Typical Scenarios
• Debugging Steps
  • Identify the Reason
  • Resolving the Error
  • Testing and Verification

Typical Scenarios

This error often arises during various operations that involve hashing or cryptographic functions, such as:

• Starting a Node.js server
• Building a project using Webpack or similar build tools
• Signing certificates or tokens
• Running automated tests that involve the aforementioned operations

Debugging Steps

Identify the Reason

The root cause of this error is the use of an unsupported hashing algorithm after an update to Node.js 17 or newer. It is likely that the codebase or the third-party dependencies might not be fully compatible with the latest cryptographic standards enforced by the updated OpenSSL.

Resolving the Error

To fix the error, apply one of the following solutions based on the circumstances:

1. Downgrade Node.js: If the latest features of Node.js aren’t critical, consider downgrading to an earlier version (such as 16.x) that doesn’t have this issue.
2. Set the Node.js Flag: Use the --openssl-legacy-provider flag when starting Node.js to revert to the legacy provider temporarily.

   node --openssl-legacy-provider app.js

3. Update Dependencies: Ensure all dependencies are up-to-date and compatible with the latest Node.js cryptographic standards.
4. Environment Variable: Use the NODE_OPTIONS environment variable to pass the legacy provider flag globally.

   export NODE_OPTIONS=--openssl-legacy-provider

5. Permanent Code Fix: Update your code to use supported algorithms and cryptographic modules. This is the most sustainable long-term solution.

Note: While the second and fourth options provide quick fixes, they should not be considered permanent solutions, especially for production systems. These are more appropriate for local development or temporary workarounds.

Testing and Verification

After applying a fix, verify that the error has been resolved:

• Restart the Node.js application or the affected software component.
• Run the operation that previously triggered the error to ensure it’s now working properly.
• Watch for any unusual behavior or new errors that may result from the changes.
• Run automated test suites to ensure stability across the application.
• If using legacy provider flag temporarily, plan for a permanent fix soon.

Make sure to apply these fixes to your development, testing, and production environments as appropriate to avoid disruption in your workflow. However, be cautious when updating production environments and ensure all changes are thoroughly tested before deployment.