1st = I am not a Programmer, not a Developer, nor a Modder... I just love my ANDROID DEVICE's... these roms will not get updated, they are STOCK ODEX Rom's not ALTERED except for renaming the KNOX files by adding the extension .ori so they would not run, I did not delete any files from these ROM's.
2nd = How to install the rom, JUST go to RECOVERY, ( I use TWRP RECOVERY ), Always make a backup 1st.. These Roms don't wipe ur Data, so if you don't wipe Data you might have some issues, - that being said - wipe SYSTEM, DATA, CACHE, DALVIK CACHE 2 times, DO NOT DELETE SDCARD and EXTERNAL SDCARD, then just flash the rom,...
3rd = Don't hold me responsible, if your phone blows up, or for whatever other damages u do to ur phone, flash at your own risk...
**************************************************
I made these Rom's for my personal use, and thought I would share for others that want STOCK ODEX Rom's, these Rom's are not rooted.
If you want the ROM rooted, goto Chainfire and download the newest SU available, after flashing the ROM, flash SU, reboot the phone, goto the Playstore and then install BusyBox, from Steriscon.
**************************************************
before posting theses Rom's I test them out, so they have no issues or problems...
Anyone can use these ROM's as a base for there own, all I ask is - if you share any of these ROM's, give proper credit to me, mdiaz33685...
Please Don't forget to hit the THANK'S Button...
**************************************************
SPECIAL THANKS TO.... in no special order...
Samsung
T-Mobile
XDA for teaching and hosting threads... and all the inspiring chefs...
dsixda's Android Kitchen = without this couldn't cook any roms...
Chainfire's SuperSU
jovy23 = thanks for his tutorials, kernals and MORE... :good:
**************************************************
LIST of FIRMWARES and Roms AVAILABLE at The Site and DOWNLOAD LINK...
DOWNLOAD Link for Stock ODEX Rom's and Firmware's - Link to androidfilehost site
**************************************************
for example these files are in RAR format... N900TUVUDNF1-files-modem.bin-boot.img-recovery.img.rar - ( which includes modem.bin + NON-HLOS.bin + boot.img + recovery.img )
**************************************************
**************************************************
Instructions
•Extract (unzip) the firmware file
•Download Odin v3.09
•Extract Odin zip-file
•Open Odin v3.09
•Reboot phone in Download Mode (press and hold Home + Power + Volume Down buttons)
•Connect phone and wait until you get a blue sign in Odin
•Add the firmware file to AP / PDA
•Make sure re-partition is NOT ticked
•Click the start button, sit back and wait a few minutes
**************************************************
N900TUVUBMI7_N900TTMBBMI7_TMB = 4.3 = Build date: Fri, 13 Sep 2013 14:52:13 +0000 = USA (T-Mobile)
N900TUVUCNB4_N900TTMBCNB4_TMB = 4.4.2 = Build date: Wed, 12 Feb 2014 12:37:28 +0000 = USA (T-Mobile)
N900TUVUDNE6_N900TTMBDNE6_TMB = 4.4.2 = Build date: May, 19 Mon 2014 00:00:00 +0000 = USA (T-Mobile)
N900TUVUDNF1_N900TTMBDNF1_TMB = 4.4.2 = Build date: Tue, 17 Jun 2014 10:18:03 +0000 = USA (T-Mobile)
N900TUVUDNF4_N900TTMBDNF4_TMB = 4.4.2 = Build date: Sat, 19 Jul 2014 02:55:32 +0000 = USA (T-Mobile)
N900TUVUDNF9_N900TTMBDNF9_TMB = 4.4.2 = Build date: Fri, 22 Aug 2014 10:12:58 +0000 = USA (T-Mobile)
**********
N9005XXUEND3_N9005OLBENC3-XME = 4.4.2 = Build date: Mon, 14 Apr 2014 08:38:48 +0000 = Malaysia
N9005XXUEND5_N9005NEEEND1_NEE = 4.4.2 = Build date: Thu, 17 Apr 2014 09:36:47 +0000 = Nordic countries
N9005XXUEND6_N9005OLBEND1_SMA = 4.4.2 = Build date: Thu, 24 Apr 2014 00:00:00 +0000 = Philippines (Smart)
N9005ZHUENE3-20140515145650-TGY = 4.4.2 = Build date: Mon, 12 May 2014 00:00:00 +0000 = Hong Kong
N9005DXUENE3_N9005OLCENE4_SIN = 4.4.2 = Build date: Tues, 13 May 2014 00:00:00 +0000 = Singapore - (singtel)
N9005ZTUENE2_N9005ZZTENE2_BRI = 4.4.2 = Build date: Mon, 19 Mon 2014 00:00:00 +0000 = Taiwan
N9005DXUENE4_N9005OLCENE5_SIN = 4.4.2 = Build date: Tues, 20 May 2014 00:00:00 +0000 = Singapore
N9005XXUENE2_N9005MEOENE1_MEO = 4.4.2 = Build date: Fri, 23 May 2014 06:39:11 +0000 = Portugal
N9005ZHUENE6_N9005ZZHENE6_TGY = 4.4.2 = Build date: Tues, 27 May 2014 00:00:00 +0000 = Hong Kong
N9005XXUENE3_N9005MGFENE2_MGF = 4.4.2 = Build date: Wed, 28 May 2014 08:59:36 +0000 = Russia (MegaFon)
N9005ZHUENF1_N9005ZZHENF1_TGY = 4.4.2 = Build date: Thu, 05 Jun 2014 12:29:04 +0000 = Hong Kong
N9005DXUENF3_N9005OLCENF2_SIN = 4.4.2 = Build date Wed, 25 Jun 2014 124211 +0000 = Singapore (SingTel)
N9005XXUFNF4_N9005OXAFNF4_BTU = 4.4.2 = Build date: Wed, 25 Jun 2014 12:15:26 +0000 = United Kingdom
N9005XXUFNF4_N9005OLBFNG1_SMA = 4.4.2 = Build date: Wed, 25 Jun 2014 12:15:26 +0000 = Philippines (Smart)
N9005XXUFNG2_N9005OXXFNG2_SEE = 4.4.2 = Build date: Tue, 08 Jul 2014 15:16:09 +0000 = South East Europe
N9005DXUFNG2_N9005OLCFNG1-XSP = 4.4.2 = Build date: Thu, 24 Jul 2014 10:35:58 +0000 = Singapore
N9005VJUFNG3_N9005UUBFNG2_CHO = 4.4.2 = Build date: Fri, 25 Jul 2014 12:00:32 +0000 = Chile
N9005XXUGNG1_N9005OXAGNG1_BTU = 4.4.2 = Build date Thu, 28 July 2014 000000 +0000 = United Kingdom
N9005XXUGNG1_N9005OJVGNH1_XSI = 4.4.2 = Build date: Mon, 28 Jul 2014 12:56:29 +0000 = United Arab Emirates
N9005DXUGNH1_N9005OLCGNH1_XSP = 4.4.2 = Build date: Tue, 12 Aug 2014 02:28:16 +0000 = Singapore
N9005ZHUENH4_N9005ZZHENH4_TGY = 4.4.2 = Build date: Tue, 19 Aug 2014 15:46:34 +0000 = Hong Kong
N9005XXUGNI4_N9005AUTGNJ1_AUT = 4.4.2 = Build date: Mon, 29 Sep 2014 06:43:19 +0000 = Switzerland
N9005XXUGNI4_N9005TMZGNI1_TMZ = 4.4.2 = Build date: Mon, 29 Sep 2014 06:43:19 +0000 = Czech Republic (T-Mobile)
**********
N900W8VLUCNB7_N900W8OYACNB7_BMC = 4.4.2 = Build date: Thu, 27 Feb 2014 08:12:49 +0000 = Canada (Bell Mobile)
N900W8UBUCNC1_N900W8UUBCNE1_TTT = 4.4.2 = Build date: Wed, 05 Mar 2014 06:14:01 +0000 = Trinidad and Tobago
N900W8VLUCNI1_N900W8OYACNI1_VTR = 4.4.2 = Build date: Mon, 01 Sep 2014 10:22:24 +0000 = Canada (Videotron)
N900W8UBUCNJ1_N900W8UUBCNJ2_TPA = 4.4.2 = Build date: Fri, 03 Oct 2014 20:16:03 +0000 = Panama
**********
N9000QXXUENG4_N9000QTURENG3_TUR = 4.4.2 = Build date: Thu, 21 July 2014 00:00:00 +0000 = Turkey (La Fleur)
**************************************************
**************************************************
Xposed - ROM modding without modifying APKs=http://forum.xda-developers.com/xposed/framework-xposed-rom-modding-modifying-t1574401
Wanam Xposed | Customize your Stock Samsung Roms=http://forum.xda-developers.com/xposed/modules/app-wanam-xposed-customize-stock-t2383484
**************************************************
What I do 1st is make a copy of the rom, then
remove most of the files you don't want, or that you can get from the Play Store from the rom itself (rom name.zip), \system\apps and \system\priv-app
then restore the newest updated files from your \data\apps folder with Titanium Backup free or (PRO) or MyBackup Root free or (Pro) versions.
**************************************************
reserved
reserved
@mdiaz33685 So those are flashable zips of stock ROMs? Seems awesome, I was looking for something like this.
I am a little confused though, when I go into the download folder there are multiple files. I want to select say N9005DXUENE3 which should be the latest for my device (N9005) but there are two files, one named hlte only 700 mbs in size and the other with some Samsung code name being 1.3 gigs in size. What is the difference between the two releases?
Can be N9005DXUENE3 multi csc?
Thanks
Delete
Sent from my SM-N9005 using Tapatalk
---------- Post added at 02:40 PM ---------- Previous post was at 02:37 PM ----------
Favourite thread!
Sent from my SM-N9005 using Tapatalk
testmonkey1 said:
@mdiaz33685 So those are flashable zips of stock ROMs? Seems awesome, I was looking for something like this.
I am a little confused though, when I go into the download folder there are multiple files. I want to select say N9005DXUENE3 which should be the latest for my device (N9005) but there are two files, one named hlte only 700 mbs in size and the other with some Samsung code name being 1.3 gigs in size. What is the difference between the two releases?
Click to expand...
Click to collapse
I'm having the same confusion. But I'm downloading the 1.3gb version. Will flash and feedback later
testmonkey1 said:
@mdiaz33685 So those are flashable zips of stock ROMs? Seems awesome, I was looking for something like this.
I am a little confused though, when I go into the download folder there are multiple files. I want to select say N9005DXUENE3 which should be the latest for my device (N9005) but there are two files, one named hlte only 700 mbs in size and the other with some Samsung code name being 1.3 gigs in size. What is the difference between the two releases?
Click to expand...
Click to collapse
N9005DXUENE3_N9005OLCENE4_N9005DXUENE2_HOME-4.4.2.zip - this is the firmware version...
pcboyy said:
I'm having the same confusion. But I'm downloading the 1.3gb version. Will flash and feedback later
Click to expand...
Click to collapse
looks like they were having issues when I was uploading, and the file didn't upload correctly...
I will upload the Stock Odex rom when I get back, going out right now...
sorry, they were doing server updating...
edit.. uploading the STOCK ODEX ROM = should be done in a few.. N9005DXUENE3-hlte_Stock_Odex_NotRooted-NoKnox.zip
N9005DXUENE3_N9005OLCENE4_N9005DXUENE2_HOME-4.4.2.zip - this is the firmware version...
Instructions
•Extract (unzip) the firmware file
•Download Odin v3.09
•Extract Odin zip-file
•Open Odin v3.09
•Reboot phone in Download Mode (press and hold Home + Power + Volume Down buttons)
•Connect phone and wait until you get a blue sign in Odin
•Add the firmware file to AP / PDA
•Make sure re-partition is NOT ticked
•Click the start button, sit back and wait a few minutes
testmonkey1 said:
@mdiaz33685 So those are flashable zips of stock ROMs? Seems awesome, I was looking for something like this.
I am a little confused though, when I go into the download folder there are multiple files. I want to select say N9005DXUENE3 which should be the latest for my device (N9005) but there are two files, one named hlte only 700 mbs in size and the other with some Samsung code name being 1.3 gigs in size. What is the difference between the two releases?
Click to expand...
Click to collapse
yes, these are flashable through recovery, I use twrp 2700... the STOCK Odex Roms, if you want root, just go download your SU, link on the OP page for chainfire.. and then through the play store download busybox..
I always download the newest and keep it on my phone, and install everything manually..
I test everything, without root 1st, then I flash SU - http://forum.xda-developers.com/showthread.php?t=1538053 and install busybox...
Will it flash modem as well?
Rosli59564 said:
Will it flash modem as well?
Click to expand...
Click to collapse
No it won't flash the modem and it won't erase data. But always make a backup first.
Sent from my SM-N900T using XDA Premium 4 mobile app
can i flash t mobile firmware on n9005
brightssingh said:
can i flash t mobile firmware on n9005
Click to expand...
Click to collapse
Which phone do u have... I have the N900T and I flashed the new firmware for N900TUVUDNE6 on top of the rom N9005ZHUENE3, I kept my data, but always make a backup, I only flash the N900T firmware on my phone, but I have used every rom I have posted on my phone.. sometimes it might not keep data... I flashed the firmware so many times, at one point it did wipe the internal SD, but I don't know if it was the firmware or me just wiping the phone trying to flash the modem... I had a very hard time with the modem...
I only recommend flashing firmware for your correct phone model..
Can u share modem ne3.tar ? My modem still in nc2 and I want update it
dl the stock rom and flash it and you will have MODEM: N9005DXUENE2
I have problems with this file N9005DXUENE3-hlte_Stock_Odex_NotRooted-NoKnox.zip
I can't unzip with 7zip and modify it. can you add md5, mine is B79620EEB7D24DBF5F3F3E1E34991119
and the size is 1,26 Go. I dl 2 timzes with same results
rayman95 said:
dl the stock rom and flash it and you will have MODEM: N9005DXUENE2
I have problems with this file N9005DXUENE3-hlte_Stock_Odex_NotRooted-NoKnox.zip
I can't unzip with 7zip and modify it. can you add md5, mine is B79620EEB7D24DBF5F3F3E1E34991119
and the size is 1,26 Go. I dl 2 timzes with same results
Click to expand...
Click to collapse
md5-b79620eeb7d24dbf5f3f3e1e34991119 http://www.androidfilehost.com/?fid=23501681358537470
try another browser, or a different server ... - there are 58 downloads, no one mentioned anything wrong with it,,
im going to download it and see it it works, if not I will upload it again, I let u know ok... give me a bit..
edit: just downloaded the file, looks corrupted, im loading now... I checked and a lot files look kinda short, I had to reupload over 10 files, don't know whats going on when there updating and changing there servers.
md5-3443ac6ae4f79ecce2c43b1ae901b07b
size: 1.2GB
in my kitchen file size is.. 1.29 GB
thank's. Dl again and let you know
---------- Post added at 11:08 AM ---------- Previous post was at 10:35 AM ----------
got the zip with same Md5 : 3443ac........ the size is 1,24 Go but I can't unzip or modify with 7zip and winrar
got message file corrupted in winrar
rayman95 said:
thank's. Dl again and let you know
---------- Post added at 11:08 AM ---------- Previous post was at 10:35 AM ----------
got the zip with same Md5 : 3443ac........ the size is 1,24 Go but I can't unzip or modify with 7zip and winrar
got message file corrupted in winrar
Click to expand...
Click to collapse
+1. Size is 1,26 GBs for me though (on Windows)
Downloaded the zip last night, today when trying to open it through Windows explorer it said corrupted zip. 7zip actually opened the archive but when trying to extract it it gives some weird error.
PS: I think OP is reuploading the file as we speak. Hope it works this time.
@mdiaz33685
What is the difference between N9005DXUENE3-hlte_Stock_Odex_NotRooted-NoKnox.zip and the other archive. One is completely stock and the other has Knox removed? E.g. the removed KNOX is the only difference?
Also do you think of adding minor tweaks like disabled call ringer, and enabled hidden CSC features.
edit: redownloaded the new file. 1,24 GBs in size. Still corrupted. Downloading the other N9005 to check it now.
it seems this file has problem too http://www.androidfilehost.com/?fid=23501681358538194
Hi!
I'm running a custom rom (CM 12.1), but my Xperia L doesnt detect any sim card more - even when I do a factory reset - "Emergency Calls Only"/sim card not detected. I tested and the sim card works on another cellphone. The Mobile Network option is greyed out, I can't turn on/off and the APN settings are not available for me - i can add manually an APN, but it disappear after "save". The Wifi is working normally - the problem it's just the sim card - no signal detected. The system says that phone number is unknow.
I tried some solutions (forum and googling it), but nothing works. This can be a hardware problem? I'm a bit confused.
Device Model: Xperia L
CyanogenMod version: 12.1-20160710-NIGHTLY-taoshan
Android version: 5.1.1
Android security patch level: July 1, 2016
Baseband version: 8930B-BAAAATAZQ-3228109-16-1016
Kernel version: 3.4.0-g8ce6fe2 [email protected] #1 Sun Jul 10 16:50:16 PDT 2016
Fehelberg said:
Hi!
I'm running a custom rom (CM 12.1), but my Xperia L doesnt detect any sim card more - even when I do a factory reset - "Emergency Calls Only"/sim card not detected. I tested and the sim card works on another cellphone. The Mobile Network option is greyed out, I can't turn on/off and the APN settings are not available for me - i can add manually an APN, but it disappear after "save". The Wifi is working normally - the problem it's just the sim card - no signal detected. The system says that phone number is unknow.
I tried some solutions (forum and googling it), but nothing works. This can be a hardware problem? I'm a bit confused.
Device Model: Xperia L
CyanogenMod version: 12.1-20160710-NIGHTLY-taoshan
Android version: 5.1.1
Android security patch level: July 1, 2016
Baseband version: 8930B-BAAAATAZQ-3228109-16-1016
Kernel version: 3.4.0-g8ce6fe2 [email protected] #1 Sun Jul 10 16:50:16 PDT 2016
Click to expand...
Click to collapse
Yes it could be a hardware problem since you did a reset, try blowing some air to the port with a hair dryer set to cold :good:
Fehelberg said:
Hi!
I'm running a custom rom (CM 12.1), but my Xperia L doesnt detect any sim card more - even when I do a factory reset - "Emergency Calls Only"/sim card not detected. I tested and the sim card works on another cellphone. The Mobile Network option is greyed out, I can't turn on/off and the APN settings are not available for me - i can add manually an APN, but it disappear after "save". The Wifi is working normally - the problem it's just the sim card - no signal detected. The system says that phone number is unknow.
I tried some solutions (forum and googling it), but nothing works. This can be a hardware problem? I'm a bit confused.
Device Model: Xperia L
CyanogenMod version: 12.1-20160710-NIGHTLY-taoshan
Android version: 5.1.1
Android security patch level: July 1, 2016
Baseband version: 8930B-BAAAATAZQ-3228109-16-1016
Kernel version: 3.4.0-g8ce6fe2 [email protected] #1 Sun Jul 10 16:50:16 PDT 2016
Click to expand...
Click to collapse
Did you try to flash the stock ROM.???
So today's been a big day, Let's Encrypt original CA expired at around 15:15 UK which is precisely when private DNS on my phone decided it wasn't going to play anymore.
DST Root CA X3 Expiration (September 2021) - Let's Encrypt
Update September 30, 2021 As planned, the DST Root CA X3 cross-sign has expired, and we’re now using our own ISRG Root X1 for trust on almost all devices. For more details about the plan, keep reading! We have also updated our Production Chain Changes thread on our community forum - our team and...
letsencrypt.org
The interesting thing is that Android trusts the new Let's Encrypt CA. Sure enough, browsing to the private DNS server in a web browser works fine. DavDroid/etc also work fine (same certificate used on that endpoint).
It appears that private DNS uses its very own CA certificate trust and this IS affected by the Let's Encrypt change.
So if your private DNS server stopped working with Android at around 15:15 today then check the server is using a Let's Encrypt certificate. This will be your problem.
Anyone know where I should file this bug with AOSP please do let me know. I have searched long and hard and really want this fixed!
I'm having the same issue, my tls dns server stopped to work on android, any solution?
Same problem with stock device Android 9. And /e/ ROM Android 10 on Gigaset GS290...
Oh dear, I spent the whole day debugging my DoT adguard instance today. Following while hoping there's a solution to this
guitphreak said:
Oh dear, I spent the whole day debugging my DoT adguard instance today. Following while hoping there's a solution to this
Click to expand...
Click to collapse
Also wasted the whole last day. So sad. This was a really great feature.
Same issue, right after launching the service. Tricky timing!
I'm wondering how to solve this in a different manner than having to replace the cert with non-letsencrypt
I'm already missing this feature very much. Can we try to install/configure our Android devices to trust ' ISRG Root X1 ' ?
edit: I just downloaded and trusted x1 on my android (https://letsencrypt.org/certificates/), no succes
topic on letsencrypt.org: https://community.letsencrypt.org/t/r3-intermediate-certificate-has-expired/160797/108
I'll have a look at alternative certificates for that VM. Google comes up with ZeroSSL. Seams like it'll be tonight's project
Problem solved for me.
I am using the acme.sh client (3.0.0) and regenerated (delete and recreate) my certificates with this settings :
--server letsencrypt --preferred-chain "ISRG Root X1"
More information here : https://github.com/acmesh-official/acme.sh/issues/3723#issuecomment-932143360
And here: https://github.com/acmesh-official/acme.sh/wiki/Preferred-Chain
PS: with certbot client:
certbot renew --preferred-chain "ISRG Root X1" --force-renewal
I have exactly the same problem. I have rented several vServers on which I have installed Pi-Hole and since yesterday ~8:00 (UTC) DNS over TLS no longer works. Have used nginx as proxy. My SSL certificates are all up to date and valid. With the tool Stubby (tested on Windows) I can connect and send DNS queries, but Android does not want.
Unfortunately, this does not seem to work. The parameter
Code:
--preferred-chain="ISRG Root X1"
does not work for certbot.
Code:
certbot: error: unrecognized arguments: --preferred-chain ISRG Root X1
But if I add the parameter
Code:
preferred_chain = ISRG Root X1
in
Code:
/etc/letsencrypt/renewal/domain.conf
, the certificate will be issued via ISRG Root X1.
After creating, the entry disappeared from the configuration.
However, Android 10 and 11 still can't connect.
Firefox says that everything is fine with the certificate.
Hoerli said:
I have exactly the same problem. I have rented several vServers on which I have installed Pi-Hole and since yesterday ~8:00 (UTC) DNS over TLS no longer works. Have used nginx as proxy. My SSL certificates are all up to date and valid. With the tool Stubby (tested on Windows) I can connect and send DNS queries, but Android does not want.
Unfortunately, this does not seem to work. The parameter
Code:
--preferred-chain="ISRG Root X1"
does not work for certbot.
Code:
certbot: error: unrecognized arguments: --preferred-chain ISRG Root X1
But if I add the parameter
Code:
preferred_chain = ISRG Root X1
in
Code:
/etc/letsencrypt/renewal/domain.conf
, the certificate will be issued via ISRG Root X1.
After creating, the entry disappeared from the configuration.
However, Android 10 and 11 still can't connect.
Firefox says that everything is fine with the certificate.
Click to expand...
Click to collapse
Which version of certbot client ?
Require 1.6.0 and more.
Better if 1.12.0 and more.
Latest is 1.19.0 now.
Check Certificate chain with: openssl s_client -connect yourdomain.tld:853
For me:
---
Certificate chain
0 s:CN = mydomain.tld
i:C = US, O = Let's Encrypt, CN = R3
1 s:C = US, O = Let's Encrypt, CN = R3
i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
---
Tetsumaki said:
Which version of certbot client ?
Require 1.6.0 and more.
Better if 1.12.0 and more.
Latest is 1.19.0 now.
Check Certificate chain with: openssl s_client -connect yourdomain.tld:853
For me:
---
Certificate chain
0 s:CN = mydomain.tld
i:C = US, O = Let's Encrypt, CN = R3
1 s:C = US, O = Let's Encrypt, CN = R3
i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
---
Click to expand...
Click to collapse
Oh now it seems to work ....
I have only ever used the official package source version.
For Debian 10:
Code:
[email protected]:~# apt-cache policy certbot | grep -i Installed
Installed: 0.31.0-1+deb10u1
I have now installed the latest version via snap (which I never use).
Code:
name: certbot
summary: Automatically configure HTTPS using Let's Encrypt
publisher: Certbot Project (certbot-eff✓)
store-url: https://snapcraft.io/certbot
contact: https://github.com/certbot/certbot/issues
license: unset
description: |
The objective of Certbot, Let's Encrypt, and the ACME (Automated
Certificate Management Environment) protocol is to make it possible
to set up an HTTPS server and have it automatically obtain a
browser-trusted certificate, without any human intervention. This is
accomplished by running a certificate management agent on the web
server.
This agent is used to:
- Automatically prove to the Let's Encrypt CA that you control the website
- Obtain a browser-trusted certificate and set it up on your web server
- Keep track of when your certificate is going to expire, and renew it
- Help you revoke the certificate if that ever becomes necessary.
commands:
- certbot
services:
certbot.renew: oneshot, enabled, inactive
snap-id: wy7i66qPx4neXr6m9rTh7Y40h8EhtZFh
tracking: latest/stable
refresh-date: today at 20:31 CEST
channels:
latest/stable: 1.19.0 2021-09-07 (1434) 44MB classic
latest/candidate: ↑
latest/beta: 1.19.0 2021-09-07 (1434) 44MB classic
latest/edge: 1.20.0.dev0 2021-10-01 (1498) 44MB classic
installed: 1.19.0 (1434) 44MB classic
The result with the certbot from the package sources:
Code:
Certificate chain
0 s:CN = mydomain.tld
i:C = US, O = Let's Encrypt, CN = R3
1 s:C = US, O = Let's Encrypt, CN = R3
i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
2 s:C = US, O = Internet Security Research Group, CN = ISRG Root X1
i:O = Digital Signature Trust Co., CN = DST Root CA X3
With snap-version:
Code:
Certificate chain
0 s:CN = mydomain.tld
i:C = US, O = Let's Encrypt, CN = R3
1 s:C = US, O = Let's Encrypt, CN = R3
i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
2 s:C = US, O = Internet Security Research Group, CN = ISRG Root X1
i:O = Digital Signature Trust Co., CN = DST Root CA X3
Ok, now I ran the command with --preferred-chain="ISRG Root X1" again for all certificates already issued.
Now it works after all
... and .... it works!
The old version of Certbot, has here in 2. place still made entries, which are now gone!
Code:
Certificate chain
0 s:CN = mydomain.tld
i:C = US, O = Let's Encrypt, CN = R3
1 s:C = US, O = Let's Encrypt, CN = R3
i:C = US, O = Internet Security Research Group, CN = ISRG Root X1
Thanks! it worked... the only think is that i had to remvoe certbot from apt on my 18.04 and add the one from snap
My pihole is up and running again