We are currently running SCCM 2012R2 on Server 2012 (not R2) with WSUS 4.0. We have a single SCCM primary server which has WSUS 4.0 and just about everything else needed for SCCM, and two other site servers running just DP's/MP's. Everything is running just fine.
We are starting to set up SCUP 2011, and we have it installed on the SCCM primary (I don't see a need to install it on another server or some admins workstation). Looking over the docs and some blogs, there seems to be some conflicting/confusing information on the certificate requirements based on the version of your server OS and the version of WSUS. I was just going to follow the instructions and use the self-signed cert created within SCUP. However I was looking over an MS article regarding the fact that WSUS 4.0 will no longer create self-signed certs (on Server 2012R2) because of the management mess the create. We are on 2012, not 2012R2. But I figured that if we are just setting things up now it might be best to be forward thinking and use our CA to create the cert. I started following this article: http://blogs.technet.com/b/jasonlewis/archive/2011/07/12/system-center-updates-publisher-signing-certificate-requirements-amp-step-by-step-guide.aspx#pi47623=2. However when I get to Step 2, there are some discrepancies , and looking thru the comments there is some back and forth about whether the cert created at the beginning is even the correct type. So if you are running SCUP how are you handling the cert and/or is there some straightforward guidance on all this that I am missing? Thanks. Mark Kent (MCP) Sr. Desktop Systems Engineer Computing & Technology Services - SUNY Buffalo State
