WSUS console is not opening after configuring on SSL Https 8531

    I want to share experience that which normally comes on my day to day technical life. If we do anything on domain environment and managing device quite simpler but while working on workgroup of the server and dealing with that quite challenges.  I will be presenting here that scenario that new implementation on AMAZON Cloud as customer is providing service as VM and none of the device are in domain. Requester want to implement complete WSUS solutions with SSL to patch all the provided VMs which hosted on Amazon Cloud.  Each vms are in network but not connected with domain.

Issue Reported :  Requester want to implement WSUS with SSL which all device are on workgroup.  WSUS console is not opening after configuring on SSL (Https ) -8531 

Requester holding below information:

WSUS on windows server 2012 R2 standalone ( workgroup) on port 8351

wildcard certificate from my trusted Root CA authority.

Imported Trusted Root CA store. 

Binding has been done on IIS for these virtual directory

SimpleAuthWebService 

DSSAuthWebService 

ServerSyncWebService 

APIRemoting30 

ClientWebService

       Executed these command c:\Program Files\Update Services\Tools”\ WSUSUTIL.exe configuressl <FQDN NAME>

Point 1: Considering that as we can installed WSUS many ways like internal DB or SQL.  How to configure WSUS  Refer this URL

Point 2: Now you have implemented WSUS with 8531 as SSL (Refer this URL for reference that how to implement SSL) After implement SSL WSUS Console is not getting open. 

To reaching nearest solution executed below command to get more details  c:\Program Files\Update Services\Tools”\ WSUSUTIL.exe CheckHealth

 It will give information error on event viewer. By seeing even view found many events ID reported with number : 12052,12042, 12022, 12032, 12012, 12002,13042

Point 3: By seeing error message on console found that as configure wile card certificate has DNA name. *.XYZ.NET but server has name like ABC and part of work group.

             Note: SSL Configure with issue certificate including DNS name entry, However whenever we have to open WSUS it has to resolve complete name but actually it was taking Local              Name (ABC). To fixing issue.

 Point 4: This will report issue when SSL is not getting handshake getting file with local Host name of the servers  (Primary DNS Suffix ) to match the name of the server’s FQDN (the same as on the SSL certificate)

        The detail steps as following:

  1. Go to Control Panel -> System and Security -> System 
  2. under Computer Name, Domain and Workgroup Settings, click Change Settings.
  3. Then, you can set the Primary DNS Suffix for your server

        Below are the screen shot for reference


After provided above information restarted wsus service and open console and it will open with SSL as needed.

Hope these will help you, Happy Learning

Thanks & Regards,

Haresh Hirani

Email: hiraniconfigmgr@outlook.com 

Follow me: https://www.linkedin.com/in/hiraniconfigmgr





0 Comments

    No Comments

Leave a Comment