I'm terrible when it comes to SSL, just never been able to get my brain wrapped
around it.
When reading this article about how WSUS if it isn't secured with SSL can be
hijacked by a man in the middle attack, they state that the WSUS server
contacting MS needs to have SSL enabled. What if you have a CAS that contacts
MS, does the primary that also has WSUS need SSL enabled, or since it wont
contact MS, enabling SSL isn't needed?
https://threatpost.com/manipulating-wsus-to-own-enterprises/114168
What about if you're using SCUP and you need to download the .cab from Adobe,
will enabling SSL on the CAS WSUS cause any issues?
How have others remediated this?
