Published Updates Fail To Install On Client With Error: Failed To Download Updates To The WUAgent Datastore. Error = 0x800b0109

Version 7

    Symptoms

     

    Updates publish without issue but they fail to install on the client.

    This error has been shown on C:\Windows\SysWOW64\CCM\Logs\WUAHandler.log

     

    Failed to download updates to the WUAgent datastore. Error = 0x800b0109

     

    Cause

     

    Self signed certificates are not in the local computers Trusted Publishers and Trusted Root Certification Authorities store and you will need to enable Allow signed updates from an intranet Microsoft update service location.

     

    Solution

     

    1) Import the WSUS self signed certificate to the client computer's Trusted Publishers and Trusted Root Certification Authorities and to change this setting in GPO.

    NOTE: Make sure that you are checking the client's Local Computer account and not the client's User Account stores in MMC for the certificates. If it is in the User Account, the issue will still be present. It must be in the Local Computer store.

     

    2) Create a GPO which will import this certificate and enable Allow signed updates from an intranet Microsoft update service location.

    Please refer to Page 39 of the Administrator Guide

     

    GPEditor.PNG

     

    To check this policy locally go to run and type in gpedit.msc

    Then navigate to Computer Configuration > Windows Components > Windows Update

     

    Enabled.PNG

     

    3) If the issue is still present add the following DWORD to the registry. 

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AcceptTrustedPublisherCerts

    Modify and change the value to 1 in decimal.

     

    Trustedpublisherregkey.PNG

     

    Affected Product(s)

     

    Shavlik Patch