Easy2Patch v4.0
Easy2Patch v4.0
  • Infrastructure Documents
  • Overview
    • What is Easy2Patch?
    • Request a new 3rd Party Applications
    • FAQs
    • Road Map
    • Release Notes
    • Version Compare
    • Licensing
  • Planning
    • POC Requirements for Easy2Patch 3.1
    • POC Requirements for Easy2Patch 4.0 Web Edition
    • Supported Configurations
    • Windows Operating System Requirements
    • SQL Server Requirements
    • Other Requirements
    • Network Considerations
    • Antivirus Exclusion List for Easy2PatchV3
    • Design
      • Update & Application & Intune (Server Deployment)
      • Standalone WSUS Deployment
      • Standalone Intune Deployment
  • Deployment
    • Installing WSUS Console
    • Installing SCCM Admin Console
    • Installing IIS Component for Easy2Patch 4.0
    • Configuring Intune Application Registration
    • Getting Code-Signing Certificate
    • Installing Easy2Patch 3.1
      • Upgrading to Easy2Patch 3.1.10
      • Licensing Easy2Patch 3.1
    • Installing Easy2Patch 4.0
      • Upgrading Easy2Patch 4.0
      • Easy2Patch Backup & Restore
      • Licensing Easy2Patch 4.0
  • Configuring
    • SSL Configuration in WSUS for 3rd Party Update
    • Configuring ConfigMgr for 3rd Party Updates
    • Easy2Patch 3.1 Settings
      • General
        • Certificate Management
        • Backup Settings
          • Restore Easy2Patch 3.x
        • General Settings
        • Application Deployment
        • Intune Deployment
        • Maintenance
      • Notification
        • E-Mail
        • Telegram
          • Creating a Telegram Bot
          • Telegram Chat ID
      • SCCM / WSUS / INTUNE
        • WSUS Settings
        • SCCM Settings
        • Database Settings
        • Intune Settings
      • Proxy
    • Easy2Patch 4.0 Settings
      • Migrate from Easy2Patch 3.x
      • General Settings
        • General
        • Identity
          • Active Directory
          • EntraID
            • Required Permissions for EntraID
        • Proxy
        • Log
        • Maintenance
        • Login
      • Deployment Settings
        • Process Conflict
        • Update
        • Application Deployment
        • Intune Deployment
        • Defender
      • Connection Settings
        • Database
        • SCCM
        • WSUS
        • Intune
      • Managements
        • Role
        • License
        • Certificate Management
      • Alert Settings
        • Notification
          • E-Mail
          • Telegram
            • Creating a Telegram Bot
            • Telegram Chat ID
            • Telegram Setting
        • Alerts
        • Recipients
  • Managing Easy2Patch
    • Easy2Patch 3.1
      • Update
      • Application Deployment
      • Intune Update
      • Intune Application
      • License Management
    • Easy2Patch 4.0
      • Dashboard
        • WSUS
        • SCCM
        • Intune
      • Update
        • Application Custom Settings
        • WSUS Maintenance
        • Side Menu
      • Application
        • Application Deployment Right Click Menu
        • Application Custom Settings
        • SCCM Maintenance
        • Side Menu
      • Intune Update
        • Intune Update Right Click Menu
        • Application Custom Settings
        • Intune Maintenance
        • Side Menu
      • Intune Application
        • Intune Application Right Click Menu
        • Application Custom Settings
        • Intune Maintenance
        • Side Menu
      • CVE List
      • Schedule
      • Reporting
        • Update Status
  • Troubleshooting
    • Schema files not found!
    • Failed to sign package
    • Fixing 500.19 web.config error
    • Securing Windows Server
Powered by GitBook
On this page
  • Request SSL certificate for WSUS
  • WSUS Website Configuration
  • Convert WSUS to SSL with WSUSUtil

Was this helpful?

  1. Configuring

SSL Configuration in WSUS for 3rd Party Update

Scope: Easy2Patch (All Versions)

PreviousConfiguringNextConfiguring ConfigMgr for 3rd Party Updates

Last updated 10 months ago

Was this helpful?

To deploy 3rd party updates with WSUS and/or SCCM, SSL configuration on WSUS is required. Below are the steps to be done on WSUS and SCCM.

  1. Request SSL certificate for WSUS,

  2. WSUS Website configuration,

  3. Convert WSUS to SSL with WSUSUtil,

  4. 3rd Party settings on SCCM,

  5. Notification of WSUS address broadcast over SSL to client computers

Request SSL certificate for WSUS

SSL Certificate is required for the website where WSUS Web service is published. This certificate can be obtained from a trusted authority or corporate CA server. The certificate must be an HTTPS SSL certificate and must be in a format suitable for common security levels. Fields such as Common Name, Subject Name of the certificate must contain the FQDN (for example WSUSServer.domain.com) name of the WSUS server.

WSUS Website Configuration

Assign SSL Certificate for WSUS Web Site in Internet Information Services snap-in. give SSL sertificate for binding of Secure Port (for example: 8531 or 443)

Select Require SSL for the following applications of WSUS Site.

  • ApiRemoting30

  • ClientWebService

  • DssAuthWebService

  • ServerSyncWebService

  • SimpleAuthWebService

Convert WSUS to SSL with WSUSUtil

WSUSUtil tool used for converting WSUS Service from or to SSL/NonSSL. Following command should be running on WSUS server with administrative priviledge. When you open command line, open as administrator option should use.

WSUSUtil placed in WSUS installation folder. generally this tool exist under "C:\Program Files\Update Services\Tools"

wsusutil configuressl wsusserver.domain.com

wsusserver.domain.com address should replaced with your wsus servers FQDN name.