This document will discuss how to create a WSUS self-signed certificate when WSUS is not configured to use SSL.
There is a defect in Shavlik Patch 2.2.568 where using a non-SSL connection on port 8530 to connect to the WSUS will cause self signed certificate creation. It is only possible to create a self-signed certificate without an SSL connection if it is done on the WSUS server. If done remotely, using our plug-in or PowerShell, you must have an SSL connection. You can verify which port you are using through Shavlik Patch > Setting > WSUS Server. This issue may happen when port 8530 is selected and 'Use Secure Layer (SSL) to connect to this server.' is not check-marked.
Creating the Self-signed certificates could fail at this point with a message stating a SSL connection is required.
You can use the following PowerShell commands below:
$wsus = [Microsoft.UpdateServices.Administration.AdminProxy]::getUpdateServer()
$config = $WSUS.GetConfiguration()
- The script must be run on the WSUS server.
Shavlik Patch 2.2.568