You can just create the binding at the root of the WSUS admin website. Or you can do all 5 individual vdirs if you want.
The binding should be: IP address: * (if you have multiple IPs) Port: 8531 Cert: the cert with CN or SAN that matches the FQDN used by users Then run the WSUSutil tool That's it. > And tried accessing https://wsus2012.imcu.local:8531/selfupdate/iuident.cab > and returned a bad page. Now, when you say you got a "bad page" - what does that mean exactly? A 404? A 500? If you can't tell from the webpage itself, look in the IIS log file instead. What the HTTP status and substatus codes? (sc-status and sc-substatus columns)? Also, if you access that same file via HTTP: http://wsus2012.imcu.local:8530/selfupdate/iuident.cab does that request work? Cheers Ken From: [email protected] [mailto:[email protected]] On Behalf Of David McSpadden Sent: Thursday, 1 January 2015 4:17 AM To: '[email protected]' Subject: [NTSysADM] RE: Cross Post WSUS SSL No. DIdn't see it in the instructions I had. They just said to apply the use SSL on the 5 sites and run the WSUSutil when I was done. Where can I find better instructions? From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Damien Solodow Sent: Wednesday, December 31, 2014 12:11 PM To: [email protected]<mailto:[email protected]> Subject: [NTSysADM] RE: Cross Post WSUS SSL Have you created a binding in IIS for https using the name wsus2012.imcu.local and the cert? DAMIEN SOLODOW Systems Engineer 317.447.6033 (office) 317.447.6014 (fax) HARRISON COLLEGE From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of David McSpadden Sent: Wednesday, December 31, 2014 12:06 PM To: [email protected]<mailto:[email protected]> Subject: [NTSysADM] RE: Cross Post WSUS SSL On the master the FQDN is either 120314FMWU1201.imcu.local or WSUS2012.imcu.local. I can ping them both and get the correct IP returned ( this may be a bogus test please let me know) I ran the WSUSUTIL twice once with each name. In IIS 7.0 I was able to select USE ssl in the 5 virtual directories and apply with no incident. Then I ran IISRESET /RESTART /NOFORCE And tried accessing https://wsus2012.imcu.local:8531/selfupdate/iuident.cab and returned a bad page. From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Damien Solodow Sent: Wednesday, December 31, 2014 12:00 PM To: [email protected]<mailto:[email protected]> Subject: [NTSysADM] RE: Cross Post WSUS SSL Ok. Does the FQDN of the master WSUS server match the CommonName or SubjectAlternativeName of the SSL cert you have installed on it? What happens when you try to create the SSL binding in IIS? DAMIEN SOLODOW Systems Engineer 317.447.6033 (office) 317.447.6014 (fax) HARRISON COLLEGE From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of David McSpadden Sent: Wednesday, December 31, 2014 11:54 AM To: '[email protected]' Subject: [NTSysADM] RE: Cross Post WSUS SSL Windows 2012 R2 WSUS 6.2.9200.16384 Master Mix of WSUS 3.2 and WSUS 6.2 for replicas' on 2012 and 2008 servers From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of Damien Solodow Sent: Wednesday, December 31, 2014 11:42 AM To: [email protected]<mailto:[email protected]> Subject: [NTSysADM] RE: Cross Post WSUS SSL Which version of WSUS and Windows? DAMIEN SOLODOW Systems Engineer 317.447.6033 (office) 317.447.6014 (fax) HARRISON COLLEGE From: [email protected]<mailto:[email protected]> [mailto:[email protected]] On Behalf Of David McSpadden Sent: Wednesday, December 31, 2014 11:38 AM To: '[email protected]' Subject: [NTSysADM] Cross Post WSUS SSL Where is good documentation on setting this up? I have everything working on port 8530. Wanting to add SSL and it is failing. This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email. This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email. This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email. This e-mail and any files transmitted with it are property of Indiana Members Credit Union, are confidential, and are intended solely for the use of the individual or entity to whom this e-mail is addressed. If you are not one of the named recipient(s) or otherwise have reason to believe that you have received this message in error, please notify the sender and delete this message immediately from your computer. Any other use, retention, dissemination, forwarding, printing, or copying of this email is strictly prohibited. Please consider the environment before printing this email.
