Renew error : 'ascii' codec can't decode byte 0xe2


#1

Hello,
With ./letsencrypt-auto renew --force-renewal i have this error :

Attempting to renew cert (e-acta.com) from /etc/letsencrypt/renewal/e-acta.com.c onf produced an unexpected error: ‘ascii’ codec can’t decode byte 0xe2 in positi on 42: ordinal not in range(128). Skipping.
All renewal attempts failed. The following certs could not be renewed:
/etc/letsencrypt/live/e-acta.com/fullchain.pem (failure)

Thank you for help.


#2

Hi @belallioui

0xe2 is â. Do you have a typo (typed ^, then a) in your config file?

What says

./letsencrypt-auto --version

Check this file

/etc/letsencrypt/renewal/e-acta.com.conf

#3

thanks,

Version : certbot 0.30.0
grep -nRP ‘[\x80-\xFF]’ /etc/letsencrypt/renewal/e-acta.com.conf : it gave nothing


#4

Check the file manual. May be uft-8 encoding, utf-16 or something else.


#5

Here is the contents of the file :
renew_before_expiry = 30 days
version = 0.27.1
archive_dir = /etc/letsencrypt/archive/e-acta.com
cert = /etc/letsencrypt/live/e-acta.com/cert.pem
privkey = /etc/letsencrypt/live/e-acta.com/privkey.pem
chain = /etc/letsencrypt/live/e-acta.com/chain.pem
fullchain = /etc/letsencrypt/live/e-acta.com/fullchain.pem

Options used in the renewal process

[renewalparams]
authenticator = nginx
account = 93b1c86da40696885370f4eefcf1894a
server = https://acme-v02.api.letsencrypt.org/directory


#6

Maybe it’s somewhere in your nginx configuration, rather than the renewal conf file itself?


#7

It can also be triggered by actual filenames.

find /etc/nginx -type f

One way to pin it down exactly is to find the error stack trace in /var/log/letsencrypt/letsencrypt.log which will show what code path in Certbot triggered the error.


#8

Thanks of everyone
I find the error in /etc/nginx/sites-available : one lettre ’