Certbot: ‘ascii’ codec can’t encode character ‘\u2502’ in position 550


#1

My domain is: https://www.hjyotish.com

I ran this command: /usr/bin/certbot renew --preferred-challenges http --force-renew

It produced this output:


Processing /etc/letsencrypt/renewal/www.hjyotish.com.conf


Plugins selected: Authenticator apache, Installer apache
Running pre-hook command: /bin/run-parts /etc/letsencrypt/pre-hook.d/
Hook command “/bin/run-parts /etc/letsencrypt/pre-hook.d/” returned error code 1
Error output from run-parts:
run-parts: failed to open directory /etc/letsencrypt/pre-hook.d/: No such file or directory
Renewing an existing certificate
Performing the following challenges:
http-01 challenge for www.hjyotish.com
Waiting for verification…
Cleaning up challenges
Attempting to renew cert (www.hjyotish.com) from /etc/letsencrypt/renewal/www.hjyotish.com.conf produced an unexpected error: ‘ascii’ codec can’t encode character ‘\u2502’ in position 550: ordinal not in range(128). Skipping.

My web server is (include version): Apache/2.4.18 (Ubuntu)

The operating system my web server runs on is (include version): Ubuntu server 16.04

My hosting provider, if applicable, is: Amazon Web Services

Yes, I can login to a root shell on my machine.

I’m using certbot version 0.28
I tried using “less /etc/letsencrypt/renewal/www.hjyotish.com.conf”, but I didn’t see any unusual characters.


Prevent cetrbot from failing with non-ascii characters in config?
Action required: Let's Encrypt certificate renewals
#2

Hi Haydn,

It may be coming from your Apache configuration.

This may help you locate the offender:

grep -RPn "[^\x00-\x7f]" /etc/letsencrypt /etc/{apache2,apache,httpd}

#3

Thank you _az!
I found the offending characters near the end of /etc/letsencrypt/renewal/www.hjyotish.com.conf
They appear on my screen as vertical bars and use the sequence 0xE2 0x94 0x82:

post_hook = /bin/run-parts /etc/letsencrypt/post-hook.d/ │
renew_hook = /bin/run-parts /etc/letsencrypt/renew-hook.d/ │
pre_hook = /bin/run-parts /etc/letsencrypt/pre-hook.d/

Can the by removed or replaced by normal vertical bar characters?

Here is what “od -xa www.hjyotish.com.conf” shows:

0001120    636e    7972    7470    722f    6e65    7765    682d    6f6f
          n   c   r   y   p   t   /   r   e   n   e   w   -   h   o   o
0001140    2e6b    2f64    2020    2020    2020    2020    **e2**20    **8294**
          k   .   d   /  sp  sp  sp  sp  sp  sp  sp  sp  sp   **b dc4 stx**
0001160    700a    6572    685f    6f6f    206b    203d    622f    6e69
         nl   p   r   e   _   h   o   o   k  sp   =  sp   /   b   i   n

#4

Yes, removing the vertical bar sequence should do the trick. I don’t think they serve any useful purpose.

Certbot already supports global hooks in /etc/letsencrypt/renewal-hooks/{deploy,pre,post} , so you might consider using those directories in future, avoiding the need for your custom hook directories.


#5

Thank you!

I remove the ends of the lines containing the offending characters, and it succeeded.
On this machine, the three directories /etc/letsencrypt/{post-hook.d,renew-hook.d,pre-hook.d} don’t exist, so I just removed them.

Thanks again for helping me!