This is the Windows Server Update Services support team blog. We cover all things relating to WSUS and Windows Update.
Here's a cool tip that was sent to me by Joao Madureira, a Support Escalation Engineer in our WSUS group. If you want to use a self-signed cert in IIS7 for your WSUS clients then you'll want to take a look at this one:
Issue: After installing WSUS on a Windows 2008 server and enabling SSL using a self-signed certificate in IIS 7, the client machines may stop reporting with error 80072F8F.
Cause: The self-signed certificate used by IIS7 is not trusted in the domain.
More Information: IIS7 allows you to create it's own self-signed certificate instead of using a standalone certificate authority or domain certificate. In this case , after creating the certificate it's necessary to tell the client machines that the self-signed certificate is trusted in the domain.
Resolution: In order to allow the certificate to be trusted, you need to import the self-signed certificate to the domain trusted root certificate authority to allow the clients to use and trust the new cert.
A. Creating the self-signed certificate on IIS7:
B. Copy the .PFX file created with the export task to a Domain Controller.
C. Open the Group Policy Management Console and create a GPO for the certificate.
D. Go to computer configuration > Windows settings > security settings > public key policies> trusted root certification authority> right click and import.
E. Browse to the location where you copied the .PFX file and change the file type to personal information exchange *.pfx, p12.
F. Type the password to complete the process, leaving just Included all extended properties checked.
G. Choose the option to place all certificates in the following store : Trusted root certification authorities. Then click Next and Finish.
Once the policy updates, the clients should trust the certificate and begin working again.
J.C. Hornbeck | Manageability Knowledge Engineer
PingBack from http://diggwow.info/tags/101/200812/process-server-31.html
Not applicable in my case. Got the problem directly after installation at the check for updates process.
The system is not in a domain and no role is installed.