Thursday, May 26, 2016

WSUS in Windows Server 2012 R2 doesn't allow self-signed certificates by default

Hi there!

Microsoft has made a change in WSUS in Windows Server 2012 R2 which doesn't allow the use of self-signed certificates by default.
This results with errors in some applications, for example, System Center Updates Publisher (SCUP).

If you go to SCUP console and try to create a self-signed certificate you would get an error saying that "The test connection succeeded. However, no signing certificate was detected for update server".

To remedy this just go to this registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Update Services\Server\Setup\
and create a DWORD value
EnableSelfSignedCertificates = 1

More information here https://blogs.technet.microsoft.com/wsus/2013/08/15/wsus-no-longer-issues-self-signed-certificates/ 

No comments:

Post a Comment