UnicodeDecodeError: 'ascii'

Help
1

Hi all,
I am receiving this error when I am going to install a certificate
I’m using nginx
UnicodeDecodeError: 'ascii' codec can't decode byte 0x92 in position 5: ordinal not in range(128)

2

Please fill out the fields below so we can help you better. Note: you must provide your domain name to get help. Domain names for issued certificates are all made public in Certificate Transparency logs (e.g. https://crt.sh/?q=example.com), so withholding your domain name here does not increase secrecy, but only makes it harder for us to provide help.

My domain is:

I ran this command:

It produced this output:

My web server is (include version):

The operating system my web server runs on is (include version):

My hosting provider, if applicable, is:

I can login to a root shell on my machine (yes or no, or I don’t know):

I’m using a control panel to manage my site (no, or provide the name and version of the control panel):

The version of my client is (e.g. output of certbot --version or certbot-auto --version if you’re using Certbot):

If the client’s output doesn’t include the Python traceback, can you check its log file, if it has one?

3

My domain is:
smi.cujae.edu.cu
I ram this command:
./letsencrypt-auto --nginx
It produced this output:
Saving debug log to /var/log/letsencrypt/letsencrypt.log
Plugins selected: Authenticator nginx, Installer nginx

Which names would you like to activate HTTPS for?
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
1: smi.cujae.edu.cu
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Select the appropriate numbers separated by commas and/or spaces, or leave input
blank to select all options shown (Enter 'c' to cancel): 1
Obtaining a new certificate
Performing the following challenges:
http-01 challenge for smi.cujae.edu.cu
Cleaning up challenges
An unexpected error occurred:
UnicodeDecodeError: 'ascii' codec can't decode byte 0x92 in position 5: ordinal not in range(128)
Please see the logfiles in /var/log/letsencrypt for more details.

My web server is nginx version: nginx/1.10.3 (Ubuntu)

4

Can you paste the traceback from /var/log/letsencrypt/letsencrypt.log?

5 
2019-04-11 17:59:13,516:DEBUG:certbot.main:certbot version: 0.33.1
2019-04-11 17:59:13,517:DEBUG:certbot.main:Arguments: ['--nginx']
2019-04-11 17:59:13,517:DEBUG:certbot.main:Discovered plugins: PluginsRegistry(PluginEntryPoint#apache,PluginEntryPoint#manual,PluginEntryPoint#nginx,PluginEntryPoint#null,PluginEntryPoint#standalone,PluginEntryPoint#webroot)
2019-04-11 17:59:13,526:DEBUG:certbot.log:Root logging level set at 20
2019-04-11 17:59:13,526:INFO:certbot.log:Saving debug log to /var/log/letsencrypt/letsencrypt.log
2019-04-11 17:59:13,526:DEBUG:certbot.plugins.selection:Requested authenticator nginx and installer nginx
2019-04-11 17:59:13,618:DEBUG:certbot.plugins.selection:Single candidate plugin: * nginx
Description: Nginx Web Server plugin
Interfaces: IAuthenticator, IInstaller, IPlugin
Entry point: nginx = certbot_nginx.configurator:NginxConfigurator
Initialized: <certbot_nginx.configurator.NginxConfigurator object at 0x7f25b21b4ad0>
Prep: True
2019-04-11 17:59:13,618:DEBUG:certbot.plugins.selection:Selected authenticator <certbot_nginx.configurator.NginxConfigurator object at 0x7f25b21b4ad0> and installer <certbot_nginx.configurator.NginxConfigurator object at 0x7f25b21b4ad0>
2019-04-11 17:59:13,619:INFO:certbot.plugins.selection:Plugins selected: Authenticator nginx, Installer nginx
2019-04-11 17:59:13,621:DEBUG:certbot.main:Picked account: <Account(RegistrationResource(body=Registration(status=None, terms_of_service_agreed=None, agreement=None, only_return_existing=None, contact=(), key=None, external_account_binding=None), uri=u'https://acme-v02.api.letsencrypt.org/acme/acct/55045713', new_authzr_uri=None, terms_of_service=None), 1f88ef4dad3b65da4034a34a52c81130, Meta(creation_host=u'smi.cujae.edu.cu', creation_dt=datetime.datetime(2019, 4, 11, 21, 1, 24, tzinfo=<UTC>)))>
2019-04-11 17:59:13,622:DEBUG:acme.client:Sending GET request to https://acme-v02.api.letsencrypt.org/directory.
2019-04-11 17:59:13,623:DEBUG:urllib3.connectionpool:Starting new HTTPS connection (1): acme-v02.api.letsencrypt.org:443
2019-04-11 17:59:13,999:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "GET /directory HTTP/1.1" 200 658
2019-04-11 17:59:13,999:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 658
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Thu, 11 Apr 2019 21:59:13 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 11 Apr 2019 21:59:13 GMT
Connection: keep-alive

{
  "igaZ_jFhIdQ": "https://community.letsencrypt.org/t/adding-random-entries-to-the-directory/33417",
  "keyChange": "https://acme-v02.api.letsencrypt.org/acme/key-change",
  "meta": {
    "caaIdentities": [
      "letsencrypt.org"
    ],
    "termsOfService": "https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf",
    "website": "https://letsencrypt.org"
  },
  "newAccount": "https://acme-v02.api.letsencrypt.org/acme/new-acct",
  "newNonce": "https://acme-v02.api.letsencrypt.org/acme/new-nonce",
  "newOrder": "https://acme-v02.api.letsencrypt.org/acme/new-order",
  "revokeCert": "https://acme-v02.api.letsencrypt.org/acme/revoke-cert"
}
2019-04-11 17:59:15,957:INFO:certbot.main:Obtaining a new certificate
2019-04-11 17:59:16,108:DEBUG:certbot.crypto_util:Generating key (2048 bits): /etc/letsencrypt/keys/0008_key-certbot.pem
2019-04-11 17:59:16,109:DEBUG:certbot.crypto_util:Creating CSR: /etc/letsencrypt/csr/0008_csr-certbot.pem
2019-04-11 17:59:16,110:DEBUG:acme.client:Requesting fresh nonce
2019-04-11 17:59:16,110:DEBUG:acme.client:Sending HEAD request to https://acme-v02.api.letsencrypt.org/acme/new-nonce.
2019-04-11 17:59:16,218:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "HEAD /acme/new-nonce HTTP/1.1" 200 0
2019-04-11 17:59:16,218:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: HOA_hhN8MLuCqMGJMm2k7C2FiToAxG953sEr9I61Vec
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Content-Length: 0
Expires: Thu, 11 Apr 2019 21:59:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 11 Apr 2019 21:59:16 GMT
Connection: keep-alive


2019-04-11 17:59:16,219:DEBUG:acme.client:Storing nonce: HOA_hhN8MLuCqMGJMm2k7C2FiToAxG953sEr9I61Vec
2019-04-11 17:59:16,219:DEBUG:acme.client:JWS payload:
{
  "identifiers": [
    {
      "type": "dns", 
      "value": "smi.cujae.edu.cu"
    }
  ]
}
2019-04-11 17:59:16,220:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/new-order:
{
  "protected": "eyJub25jZSI6ICJIT0FfaGhOOE1MdUNxTUdKTW0yazdDMkZpVG9BeEc5NTNzRXI5STYxVmVjIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9uZXctb3JkZXIiLCAia2lkIjogImh0dHBzOi8vYWNtZS12MDIuYXBpLmxldHNlbmNyeXB0Lm9yZy9hY21lL2FjY3QvNTUwNDU3MTMiLCAiYWxnIjogIlJTMjU2In0", 
  "payload": "ewogICJpZGVudGlmaWVycyI6IFsKICAgIHsKICAgICAgInR5cGUiOiAiZG5zIiwgCiAgICAgICJ2YWx1ZSI6ICJzbWkuY3VqYWUuZWR1LmN1IgogICAgfQogIF0KfQ", 
  "signature": "Ccfme2tK2tRREkrysCrOWoTBx8W8aI3OTpHt8g5bv8IHnwvqsKuMnmvedcnsITJGkH-IiS7txzK-azrNNHzcQVatWoJA9pDmzc6bXlJMN8STsKBfaHOPL65oROAqCrqLKM0SIyESigGKBvjb6VuxK9c1KbDCUg6377elWsgC2RP5nIZQ2NIEDksaFOMca1AfR9ye40owWwkgB6LHQtKZLMgD-_KhNFGPHbHrtTg5Rf13jr1LrwzCIBkJ1PziCgxxH44P5_-DWc6jTL8zTcFp0h4_5CDS5CXLnONn4_T8_vK0fbRNGVhdpeQhnXRb8o489jlWjRTiyVkBtPcinpgwNw"
}
2019-04-11 17:59:16,341:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/new-order HTTP/1.1" 201 365
2019-04-11 17:59:16,341:DEBUG:acme.client:Received response:
HTTP 201
Server: nginx
Content-Type: application/json
Content-Length: 365
Boulder-Requester: 55045713
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Location: https://acme-v02.api.letsencrypt.org/acme/order/55045713/395298375
Replay-Nonce: S-Y8wm8SqF-kXuBhfj_4zjowvurls4dj1AoCtvjxxhI
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Thu, 11 Apr 2019 21:59:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 11 Apr 2019 21:59:16 GMT
Connection: keep-alive

{
  "status": "pending",
  "expires": "2019-04-18T21:02:02Z",
  "identifiers": [
    {
      "type": "dns",
      "value": "smi.cujae.edu.cu"
    }
  ],
  "authorizations": [
    "https://acme-v02.api.letsencrypt.org/acme/authz/Sc0NM-NRrJG5Id8sxLZyd2jy-siaZjUCSbk_Hmix6G8"
  ],
  "finalize": "https://acme-v02.api.letsencrypt.org/acme/finalize/55045713/395298375"
}
2019-04-11 17:59:16,341:DEBUG:acme.client:Storing nonce: S-Y8wm8SqF-kXuBhfj_4zjowvurls4dj1AoCtvjxxhI
2019-04-11 17:59:16,342:DEBUG:acme.client:JWS payload:

2019-04-11 17:59:16,343:DEBUG:acme.client:Sending POST request to https://acme-v02.api.letsencrypt.org/acme/authz/Sc0NM-NRrJG5Id8sxLZyd2jy-siaZjUCSbk_Hmix6G8:
{
  "protected": "eyJub25jZSI6ICJTLVk4d204U3FGLWtYdUJoZmpfNHpqb3d2dXJsczRkajFBb0N0dmp4eGhJIiwgInVybCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hdXRoei9TYzBOTS1OUnJKRzVJZDhzeExaeWQyanktc2lhWmpVQ1Nia19IbWl4Nkc4IiwgImtpZCI6ICJodHRwczovL2FjbWUtdjAyLmFwaS5sZXRzZW5jcnlwdC5vcmcvYWNtZS9hY2N0LzU1MDQ1NzEzIiwgImFsZyI6ICJSUzI1NiJ9", 
  "payload": "", 
  "signature": "fCOscB5aURf8nd0b2iubk7PYOrK-LU-0YtQp5rd-nzP9RcIIaMbMl406_3Md1oZuKWleRFAVD7gR6JrCr78HIs1N0bARN9IIO1DXdCsjvqynC9Y-JY1qrGIw5pOV9dry0bJ57LaHQrZpfP2UQJNgLzciTQa2Dr4imRztzPJblHn2NVisaKztleitF0oOxaKEL1eM-CZ65OIsE8mraSd5K5byClopvuPU0LnXFv2_gfq6zUBE1JKLJHtTZm4rCkOjTwz4793nEIePngG7Vvm0blh5G11PbXQaBcal-VwmNorwyP7D-BSPF8suteX7lG6PBpSnwqAR9rgmSwQaGfip2w"
}
2019-04-11 17:59:16,462:DEBUG:urllib3.connectionpool:https://acme-v02.api.letsencrypt.org:443 "POST /acme/authz/Sc0NM-NRrJG5Id8sxLZyd2jy-siaZjUCSbk_Hmix6G8 HTTP/1.1" 200 911
2019-04-11 17:59:16,462:DEBUG:acme.client:Received response:
HTTP 200
Server: nginx
Content-Type: application/json
Content-Length: 911
Boulder-Requester: 55045713
Link: <https://acme-v02.api.letsencrypt.org/directory>;rel="index"
Replay-Nonce: oez7jAAYsq3Q6rR59I0YMwfDD0teJhlpdHS79WVZwXU
X-Frame-Options: DENY
Strict-Transport-Security: max-age=604800
Expires: Thu, 11 Apr 2019 21:59:16 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Thu, 11 Apr 2019 21:59:16 GMT
Connection: keep-alive

{
  "identifier": {
    "type": "dns",
    "value": "smi.cujae.edu.cu"
  },
  "status": "pending",
  "expires": "2019-04-18T21:02:02Z",
  "challenges": [
    {
      "type": "dns-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/challenge/Sc0NM-NRrJG5Id8sxLZyd2jy-siaZjUCSbk_Hmix6G8/14660440985",
      "token": "Wh0gP5wTzxRovwc8p16rCUK8eezC6Snv9w_OJ3-NSlo"
    },
    {
      "type": "tls-alpn-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/challenge/Sc0NM-NRrJG5Id8sxLZyd2jy-siaZjUCSbk_Hmix6G8/14660440987",
      "token": "oMPt3saqI-8636oOzMkUwYxdNXCrExH8ZUqr39zEpwg"
    },
    {
      "type": "http-01",
      "status": "pending",
      "url": "https://acme-v02.api.letsencrypt.org/acme/challenge/Sc0NM-NRrJG5Id8sxLZyd2jy-siaZjUCSbk_Hmix6G8/14660440989",
      "token": "8aZl6qkZIhMzBu3UBBhzprxYgwSj2WunhI6mhYpCkCk"
    }
  ]
}
2019-04-11 17:59:16,463:DEBUG:acme.client:Storing nonce: oez7jAAYsq3Q6rR59I0YMwfDD0teJhlpdHS79WVZwXU
2019-04-11 17:59:16,463:INFO:certbot.auth_handler:Performing the following challenges:
2019-04-11 17:59:16,463:INFO:certbot.auth_handler:http-01 challenge for smi.cujae.edu.cu
2019-04-11 17:59:16,471:DEBUG:certbot_nginx.http_01:Generated server block:
[]
2019-04-11 17:59:16,471:DEBUG:certbot.reverter:Creating backup of /etc/nginx/nginx.conf
2019-04-11 17:59:16,471:DEBUG:certbot.reverter:Creating backup of /etc/nginx/mime.types
2019-04-11 17:59:16,471:DEBUG:certbot.reverter:Creating backup of /etc/nginx/sites-enabled/default
2019-04-11 17:59:16,472:DEBUG:certbot_nginx.parser:Writing nginx conf tree to /etc/nginx/nginx.conf:
user www-data;
worker_processes auto;
pid /run/nginx.pid;

events {
	worker_connections 768;
	# multi_accept on;
}

http {
include /etc/letsencrypt/le_http_01_cert_challenge.conf;
server_names_hash_bucket_size 128;

	##
	# Basic Settings
	##

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;
	# server_tokens off;

	# server_names_hash_bucket_size 64;
	# server_name_in_redirect off;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	##
	# SSL Settings
	##

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
	ssl_prefer_server_ciphers on;

	##
	# Logging Settings
	##

	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log;

	##
	# Gzip Settings
	##

	gzip on;
	gzip_disable "msie6";

	# gzip_vary on;
	# gzip_proxied any;
	# gzip_comp_level 6;
	# gzip_buffers 16 8k;
	# gzip_http_version 1.1;
	# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

	##
	# Virtual Host Configs
	##

	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;
}


#mail {
#	# See sample authentication script at:
#	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
# 
#	# auth_http localhost/auth.php;
#	# pop3_capabilities "TOP" "USER";
#	# imap_capabilities "IMAP4rev1" "UIDPLUS";
# 
#	server {
#		listen     localhost:110;
#		protocol   pop3;
#		proxy      on;
#	}
# 
#	server {
#		listen     localhost:143;
#		protocol   imap;
#		proxy      on;
#	}
#}

2019-04-11 17:59:16,473:DEBUG:certbot.error_handler:Encountered exception:
Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 69, in handle_authorizations
    resps = self.auth.perform(achalls)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_nginx/configurator.py", line 1057, in perform
    http_response = http_doer.perform()
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_nginx/http_01.py", line 60, in perform
    self.configurator.save("HTTP Challenge", True)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_nginx/configurator.py", line 992, in save
    self.parser.filedump(ext='')
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_nginx/parser.py", line 243, in filedump
    out = nginxparser.dumps(tree)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_nginx/nginxparser.py", line 134, in dumps
    return str(RawNginxDumper(blocks.spaced))
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_nginx/nginxparser.py", line 98, in __str__
    return ''.join(self)
UnicodeDecodeError: 'ascii' codec can't decode byte 0x92 in position 5: ordinal not in range(128)

2019-04-11 17:59:16,473:DEBUG:certbot.error_handler:Calling registered functions
2019-04-11 17:59:16,473:INFO:certbot.auth_handler:Cleaning up challenges
2019-04-11 17:59:17,623:DEBUG:certbot.log:Exiting abnormally:
Traceback (most recent call last):
  File "/opt/eff.org/certbot/venv/bin/letsencrypt", line 11, in <module>
    sys.exit(main())
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 1364, in main
    return config.func(config, plugins)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 1118, in run
    certname, lineage)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/main.py", line 120, in _get_and_save_cert
    lineage = le_client.obtain_and_enroll_certificate(domains, certname)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/client.py", line 406, in obtain_and_enroll_certificate
    cert, chain, key, _ = self.obtain_certificate(domains)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/client.py", line 349, in obtain_certificate
    orderr = self._get_order_and_authorizations(csr.data, self.config.allow_subset_of_names)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/client.py", line 385, in _get_order_and_authorizations
    authzr = self.auth_handler.handle_authorizations(orderr, best_effort)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot/auth_handler.py", line 69, in handle_authorizations
    resps = self.auth.perform(achalls)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_nginx/configurator.py", line 1057, in perform
    http_response = http_doer.perform()
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_nginx/http_01.py", line 60, in perform
    self.configurator.save("HTTP Challenge", True)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_nginx/configurator.py", line 992, in save
    self.parser.filedump(ext='')
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_nginx/parser.py", line 243, in filedump
    out = nginxparser.dumps(tree)
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_nginx/nginxparser.py", line 134, in dumps
    return str(RawNginxDumper(blocks.spaced))
  File "/opt/eff.org/certbot/venv/local/lib/python2.7/site-packages/certbot_nginx/nginxparser.py", line 98, in __str__
    return ''.join(self)
UnicodeDecodeError: 'ascii' codec can't decode byte 0x92 in position 5: ordinal not in range(128)
2019-04-11 17:59:17,623:ERROR:certbot.log:An unexpected error occurred:
6

Hi @aleadco

this is the ’ character. Looks like a typo.

Check your nginx config file and your Certbot renew files

/etc/letsencrypt/renewal

to find that character.

7

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.