ERR_OSSL_EVP_UNSUPPORTED is an error code associated with the OpenSSL cryptographic library. This error occurs when OpenSSL is asked to perform an operation or use an algorithm that is either unsupported, unavailable or disabled in the current OpenSLL version or configuration.
What Is ERR_OSSL_EVP_UNSUPPORTED?
ERR_OSSL_EVP_UNSUPPORTED is an OpenSSL error code that occurs when OpenSSL cannot perform a requested operation due to an unsupported, unavailable or disabled algorithm. It typically indicates that the algorithm is incompatible with the current OpenSSL version or configuration. You can fix it by either downloading the latest Node.js LTS version or using the --openssl-legacy-provider flag.
I recently worked on a Nuxt project and couldn’t build it because of a code: ‘ERR_OSSL_EVP_UNSUPPORTED’ error. I found out this is a common Node.js 17 problem that can also occur in Webpack-based projects in React, Next.js and Gatsby.
Let’s learn what causes ERR_OSSL_EVP_UNSUPPORTED and how to fix it.
What Causes ERR_OSSL_EVP_UNSUPPORTED?
As mentioned in the Node.js 17 release notes, ERR_OSSL_EVP_UNSUPPORTED generally occurs when your application or one of its modules attempts to use an algorithm or key size that’s no longer allowed by default with OpenSSL 3.0.
Node.js 17’s upgrade to OpenSSL 3.0 introduced stricter security protocols for algorithms and key sizes. OpenSSL didn’t remove these features, but deprecated them by moving them to a legacy provider. The ERR_OSSL_EVP_UNSUPPORTED error is thrown when your application attempts to use one of these legacy algorithms, which are no longer supported by default in the new OpenSSL version.
How to Fix the ERR_OSSL_EVP_UNSUPPORTED Error
There are two ways to fix the ERR_OSSL_EVP_UNSUPPORTED error:
Method 1: Upgrade Node.js
Upgrade Node.js by downloading and installing the latest Node.js LTS (Long-Term Support) version.
Method 2: Use --Openssl-legacy-provider
If you can’t or don’t want to update your Node.js version, you can fix the problem with the --openssl-legacy-provider workaround. Node.js 17 introduced this command line option to revert to the legacy OpenSSL provider.
To use the --openssl-legacy-provider flag as a temporary workaround, you can set an environment variable when running your scripts like so:
MacOS and Linux
For macOS and Linux:
NODE_OPTIONS=--openssl-legacy-provider npm run startWindows
For Windows (in Command Prompt):
set NODE_OPTIONS=--openssl-legacy-provider && npm run startAs a note, this command only applies the setting for the current terminal session. For a permanent solution on MacOS, Linux or Windows, you would need to set the environment variable globally.
React
For projects created with Create React App, you can add the flag directly to the start and build scripts in the package.json file:
'start': 'react-scripts --openssl-legacy-provider start',
'build': 'react-scripts --openssl-legacy-provider build'Et voilà! Your application should now work like a charm.
ERR_OSSL_EVP_UNSUPPORTED is an annoying error. Addressing it isn’t difficult. You should now understand why Node.js 17 raises that error and how to fix it with the --openssl-legacy-provider command line option.
Frequently Asked Questions
What is ERR_OSSL_EVP_UNSUPPORTED?
ERR_OSSL_EVP_UNSUPPORTED is an error that occurs in Node.js 17 and later versions when an application or one of its modules tries to use an algorithm or key size that is no longer allowed by default in OpenSSL 3.0.
What do you fix the ERR_OSSL_EVP_UNSUPPORTED error?
To fix ERR_OSSL_EVP_UNSUPPORTED, you can do one of the following:
- Upgrade Node.js: Install the latest Node.js LTS (Long-Term Support) version.
- Use a command-line option: Add
--openssl-legacy-providerto yourstartscript (orstartandbuildscripts in thepackage.jsonfile for React).
