diff --git a/packages/app1/webpack.config.js b/packages/app1/webpack.config.js
index c89133d..0b4fbe7 100644
--- a/packages/app1/webpack.config.js
+++ b/packages/app1/webpack.config.js
@@ -3,6 +3,11 @@ const ModuleFederationPlugin = require("webpack").container
   .ModuleFederationPlugin;
 const path = require("path");
 
+// some webpack5/Node18 quirk, better than going with legacy openssl provider :shrug:
+const crypto = require("crypto");
+const crypto_orig_createHash = crypto.createHash;
+crypto.createHash = algorithm => crypto_orig_createHash(algorithm == "md4" ? "sha256" : algorithm);
+
 module.exports = {
   entry: "./index.js",
   mode: "development",
@@ -12,7 +17,8 @@ module.exports = {
     port: 1337
   },
   output: {
-    publicPath: "auto"
+    publicPath: "auto",
+    hashFunction: "sha256"
   },
   module: {
     rules: [
diff --git a/packages/app2/webpack.config.js b/packages/app2/webpack.config.js
index 169b5a2..37d1d0f 100644
--- a/packages/app2/webpack.config.js
+++ b/packages/app2/webpack.config.js
@@ -4,6 +4,11 @@ const HtmlWebpackPlugin = require("html-webpack-plugin");
 
 const { ModuleFederationPlugin } = webpack.container;
 
+// some webpack5/Node18 quirk, better than going with legacy openssl provider :shrug:
+const crypto = require("crypto");
+const crypto_orig_createHash = crypto.createHash;
+crypto.createHash = algorithm => crypto_orig_createHash(algorithm == "md4" ? "sha256" : algorithm);
+
 module.exports = {
   entry: "./index.js",
   mode: "development",
@@ -13,7 +18,8 @@ module.exports = {
     port: 1338
   },
   output: {
-    publicPath: "auto"
+    publicPath: "auto",
+    hashFunction: "sha256"
   },
   module: {
     rules: [
diff --git a/packages/store/webpack.config.js b/packages/store/webpack.config.js
index 91b1403..4a8886a 100644
--- a/packages/store/webpack.config.js
+++ b/packages/store/webpack.config.js
@@ -4,6 +4,11 @@ const HtmlWebpackPlugin = require("html-webpack-plugin");
 
 const { ModuleFederationPlugin } = webpack.container;
 
+// some webpack5/Node18 quirk, better than going with legacy openssl provider :shrug:
+const crypto = require("crypto");
+const crypto_orig_createHash = crypto.createHash;
+crypto.createHash = algorithm => crypto_orig_createHash(algorithm == "md4" ? "sha256" : algorithm);
+
 module.exports = {
   // no entry
   entry: {},
@@ -14,7 +19,8 @@ module.exports = {
     port: 1339
   },
   output: {
-    publicPath: "auto"
+    publicPath: "auto",
+    hashFunction: "sha256"
   },
   module: {
     rules: [