DEV Community

Alex Antsiferov
Alex Antsiferov

Posted on • Edited on

3

Ruby 3.1.x and OpenSSL::Digest::DigestError

Came across this issue after upgrading Ruby to 3.1.0 in one of the apps I'm working on.

I use rbenv to manage Ruby versions, and it turns out they recently started building Ruby with OpenSSL 3.0 instead of OpenSSL 1.1.

OpenSSL 3.0, in turn, has retired a number of algorithms (including MD4 function, which was used in that app).

And hello! After the update, we call OpenSSL::Digest::MD4.hexdigest() and get this:
OpenSSL::Digest::DigestError, message: Digest initialization failed: initialization error

So, if you're using rbenv to update Ruby to 3.1.x and your code uses one of the retired algorithms, there's a chance you'll come across a similar issue.

A temporary workaround if you can't get rid of legacy code right away:

  • install Ruby with OpenSSL 1.1 (note I'm using brew here): export RUBY_CONFIGURE_OPTS="--with-openssl-dir=$(brew --prefix openssl@1.1)" && rbenv install 3.1.0
  • as an alternative, look into re-enabling MD4 in OpenSSL (this looks useful)

Another alternative would be to use an MD4 implementation in pure Ruby.

Reinvent your career. Join DEV.

It takes one minute and is worth it for your career.

Get started

Top comments (0)

👋 Kindness is contagious

Dive into an ocean of knowledge with this thought-provoking post, revered deeply within the supportive DEV Community. Developers of all levels are welcome to join and enhance our collective intelligence.

Saying a simple "thank you" can brighten someone's day. Share your gratitude in the comments below!

On DEV, sharing ideas eases our path and fortifies our community connections. Found this helpful? Sending a quick thanks to the author can be profoundly valued.

Okay