trouble using SSL on WSUS

Bart Poort Tue, 14 Mar 2006 10:01:30 -0800

Hi,

I having some trouble using SSL on WSUS. I configured the server and the
clients according to the deployment guide. The clients aren't having any
problemens when downloading updates through http. I have an unofficially
signed certificate and imported it in Internet Information Services
managen. I activated ssl for the clientwebservice, dssauthwebservice,
serversyncwebservice, simpleauthwebservice and wsusadmin.


I configured the client to use the WSUS server through https. When i force
the client to check for new updates (wuauclt /detectnow) the following
errormessage appears in the WindowsUpdate log:

2006-03-14      15:17:23        1048    d38     AU      #############
2006-03-14      15:17:23        1048    d38     AU      ## START ##  AU: Search 
for updates
2006-03-14      15:17:23        1048    d38     AU      #########
2006-03-14      15:17:23        1048    d38     AU      <<## SUBMITTED ## AU: 
Search for updates
[CallId = {C535C51C-A97E-4447-920F-C26B349DD626}]
2006-03-14      15:17:23        1048    428     Agent   *************
2006-03-14      15:17:23        1048    428     Agent   ** START **  Agent: 
Finding updates
[CallerId = AutomaticUpdates]
2006-03-14      15:17:23        1048    428     Agent   *********
2006-03-14      15:17:23        1048    428     Misc    WARNING: Send failed 
with hr = 80072f8f.
2006-03-14      15:17:23        1048    428     Misc    WARNING: SendRequest 
failed with hr =
80072f8f. Proxy List used: <(null)> Bypass List used : <(null)> Auth
Schemes used : <>
2006-03-14      15:17:23        1048    428     Misc    WARNING: WinHttp: 
SendRequestUsingProxy
failed for <https://windowsupdate.xxxxxx.nl/selfupdate/wuident.cab>. error
0x80072f8f
2006-03-14      15:17:23        1048    428     Misc    WARNING: WinHttp:
SendRequestToServerForFileInformation MakeRequest failed. error 0x80072f8f
2006-03-14      15:17:23        1048    428     Misc    WARNING: WinHttp:
SendRequestToServerForFileInformation failed with 0x80072f8f
2006-03-14      15:17:23        1048    428     Misc    WARNING: WinHttp: 
ShouldFileBeDownloaded
failed with 0x80072f8f
2006-03-14      15:17:23        1048    428     Misc    WARNING: Send failed 
with hr = 80072f8f.
2006-03-14      15:17:23        1048    428     Misc    WARNING: SendRequest 
failed with hr =
80072f8f. Proxy List used: <(null)> Bypass List used : <(null)> Auth
Schemes used : <>
2006-03-14      15:17:23        1048    428     Misc    WARNING: WinHttp: 
SendRequestUsingProxy
failed for <https://windowsupdate.xxxxxx.nl/selfupdate/wuident.cab>. error
0x80072f8f
2006-03-14      15:17:23        1048    428     Misc    WARNING: WinHttp:
SendRequestToServerForFileInformation MakeRequest failed. error 0x80072f8f
2006-03-14      15:17:23        1048    428     Misc    WARNING: WinHttp:
SendRequestToServerForFileInformation failed with 0x80072f8f
2006-03-14      15:17:23        1048    428     Misc    WARNING: WinHttp: 
ShouldFileBeDownloaded
failed with 0x80072f8f
2006-03-14      15:17:23        1048    428     Misc    WARNING: Send failed 
with hr = 80072f8f.
2006-03-14      15:17:23        1048    428     Misc    WARNING: SendRequest 
failed with hr =
80072f8f. Proxy List used: <(null)> Bypass List used : <(null)> Auth
Schemes used : <>
2006-03-14      15:17:23        1048    428     Misc    WARNING: WinHttp: 
SendRequestUsingProxy
failed for <https://windowsupdate.xxxxxx.nl/selfupdate/wuident.cab>. error
0x80072f8f
2006-03-14      15:17:23        1048    428     Misc    WARNING: WinHttp:
SendRequestToServerForFileInformation MakeRequest failed. error 0x80072f8f
2006-03-14      15:17:23        1048    428     Misc    WARNING: WinHttp:
SendRequestToServerForFileInformation failed with 0x80072f8f
2006-03-14      15:17:23        1048    428     Misc    WARNING: WinHttp: 
ShouldFileBeDownloaded
failed with 0x80072f8f
2006-03-14      15:17:23        1048    428     Misc    WARNING: Send failed 
with hr = 80072f8f.
2006-03-14      15:17:23        1048    428     Misc    WARNING: SendRequest 
failed with hr =
80072f8f. Proxy List used: <(null)> Bypass List used : <(null)> Auth
Schemes used : <>
2006-03-14      15:17:23        1048    428     Misc    WARNING: WinHttp: 
SendRequestUsingProxy
failed for <https://windowsupdate.xxxxxx.nl/selfupdate/wuident.cab>. error
0x80072f8f
2006-03-14      15:17:23        1048    428     Misc    WARNING: WinHttp:
SendRequestToServerForFileInformation MakeRequest failed. error 0x80072f8f
2006-03-14      15:17:23        1048    428     Misc    WARNING: WinHttp:
SendRequestToServerForFileInformation failed with 0x80072f8f
2006-03-14      15:17:23        1048    428     Misc    WARNING: WinHttp: 
ShouldFileBeDownloaded
failed with 0x80072f8f
2006-03-14      15:17:23        1048    428     Misc    WARNING: 
DownloadFileInternal failed for
https://windowsupdate.xxxxxx.nl/selfupdate/wuident.cab: error 0x80072f8f
2006-03-14      15:17:23        1048    428     Setup   FATAL: IsUpdateRequired 
failed with
error 0x80072f8f
2006-03-14      15:17:23        1048    428     Setup   WARNING: SelfUpdate: 
Default Service:
IsUpdateRequired failed: 0x80072f8f
2006-03-14      15:17:23        1048    428     Setup   WARNING: SelfUpdate: 
Default Service:
IsUpdateRequired failed, error = 0x80072F8F
2006-03-14      15:17:23        1048    428     Agent     * WARNING: Skipping 
scan, self-update
check returned 0x80072F8F
2006-03-14      15:17:23        1048    428     Agent     * WARNING: Exit code 
= 0x80072F8F
2006-03-14      15:17:23        1048    428     Agent   *********
2006-03-14      15:17:23        1048    428     Agent   **  END  **  Agent: 
Finding updates
[CallerId = AutomaticUpdates]
2006-03-14      15:17:23        1048    428     Agent   *************
2006-03-14      15:17:23        1048    428     Agent   WARNING: WU client 
failed Searching for
update with error 0x80072f8f
2006-03-14      15:17:23        1048    428     AU      >>##  RESUMED  ## AU: 
Search for updates
[CallId = {C535C51C-A97E-4447-920F-C26B349DD626}]
2006-03-14      15:17:23        1048    428     AU        # WARNING: Search 
callback failed,
result = 0x80072F8F
2006-03-14      15:17:23        1048    428     AU      #########
2006-03-14      15:17:23        1048    428     AU      ##  END  ##  AU: Search 
for updates
[CallId = {C535C51C-A97E-4447-920F-C26B349DD626}]
2006-03-14      15:17:23        1048    428     AU      #############
2006-03-14      15:17:23        1048    428     AU      AU setting next 
detection timeout to
2006-03-14 15:15:01
2006-03-14      15:17:28        1048    428     Report  REPORT EVENT:
{96D02F42-470E-4CB4-A0B0-D68D39890A33}  2006-03-14
15:17:23+0100   1       148     101     {D67661EB-2423-451D-BF5D-13199E37DF28}  
0       80072f8f        SelfUpdate      Failure Software
Synchronization Error: Agent failed detecting with reason: 0x80072f8f

I've read on serveral sites that the server certificate has to be imported
to the client local Trusted Root CA so this is what i did.

I've made an export of the certificate on the wsus server (pfx format). I
copied it to one of my clients just to test it. I tried to import the
certificate to the local computer Trusted Root CA but it still doesn't
seem to work :-(. When i take a look at the certificate overview (on
Trusted Root CA, ALL view) my certificate appears not to be listed. So i
impoted the certificate but it isn't listed. where did it go?

Maybe this isn't the solution to my problem. If so, can anyone tell me
where to look?

Thanks in advance,

Bart


---------------------------------------------------------------------------
---------------------------------------------------------------------------

trouble using SSL on WSUS

Reply via email to