Not able to generate any cert - UnicodeEncodeError


I tried to using certbot with the following cmd on Debian 8 with latest Nginx (Installed over LNMP-Package - see for more info…):

./certbot-auto certonly

Waiting for verification…
Cleaning up challenges
An unexpected error occurred:
UnicodeEncodeError: ‘ascii’ codec can’t encode character u’\ufeff’ in position 197: ordinal not in range(128)
Please see the logfiles in /var/log/letsencrypt for more details.

Log Output:
File “/root/.local/share/letsencrypt/local/lib/python2.7/site-packages/acme/”, line 39, in is_acme_error
return (ERROR_PREFIX in str(err)) or (OLD_ERROR_PREFIX in str(err))
UnicodeEncodeError: ‘ascii’ codec can’t encode character u’\ufeff’ in position 197: ordinal not in range(128)

I searched the Web, Stackoverflow and this forums but not found a solution.

Any ideas?

The message you see is symptomatic of having a non-ASCII character in something that Certbot needs to process or display, which could be a directory name or part of the domain name. In this case u’\ufeff’ is the Unicode byte order mark, which is often used at the beginning of UTF-16-encoded files, especially text files created on Windows systems.

Did you use a Windows machine to create or modify one of the directory names related to your web server or Let’s Encrypt certificates, or one of the associated configuration files? Did you copy and paste any of the data that you input to certbot-auto (like a domain name or e-mail address) from a text file on a Windows machine?

Indeed i have modified some configuration files of the nginx installation with a windows based system over SFTP but not modified any of the cfg files of certbot.

I have read the documentation and choosed the “webroot” method, which (if I understood the docs correctly) shold not touch the vhost configuration of nginx. From my point of view, the nginx configuration can be excluded as a cause.(?)

Another cause can be the installation of nginx itself. This is a complete Automatically installed Version of Linux, Nginx, MySQL and PHP from Because the installation script comes from China, some comments in configs and readme files are written in chinese letters - and are possibly decoded in non-ASCII Chars.

So, how can i know which Files certbot needs in detail to debug the files manually? Is there a List of needed Files available somewhere?
…Or maybe there is a simpler way to solute that?

I’d suspect it’s in one of the files you edited with SFTP.

In the command above (./certbot-auto certonly ) you weren’t using the webroot method - it was in “auto” which will read the nginx config files.

Does the log give any indication of the file the error is in ? if not I’d suggest taking a backup, then running “dos2unix *” in your nginx config folder which should convert all the files from windows / dos into unix format.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.