How to Configure the Digital Certificate on the Update Server

  • Article

In System Center Updates Publisher, a digital certificate used to sign the updates in the catalog must be specified and the certificate must be copied to the appropriate certificate stores on the update server. The certificate must also be copied on the Updates Publisher computer if it is remote from the update server, before the catalog can be published to the update server. For more information about configuring the update server and creating the certificate used by the updates catalog, see How to Configure the Update Server.

There are several methods for adding the certificates to the appropriate certificate stores. The following procedure provides one method for configuring the certificate store.

To configure the certificate store on the update server

  1. Click Start, click Run, type MMC in the text box, and then click OK to open the Microsoft Management Console (MMC).

  2. Click File, click Add/Remove Snap-in, click Add, click Certificates, click Add, select Computer account, and then click Next.

  3. Select Another computer, type the name of the update server or click Browse to find the update server computer, click Finish, click Close, and then click OK.

  4. Expand Certificates (update server name), expand WSUS, and then click Certificates.

  5. In the results pane, right-click the desired certificate, click All Tasks, and then click Export.

  6. In the Certificate Export Wizard, use the default settings to create an export file with the name and location specified in the wizard. This file must be available to the update server before proceeding to the next step.

  7. Right-click Trusted Publishers, click All Tasks, and then click Import. Complete the Certificate Import Wizard using the exported file from step 6.

  8. If a self-signed certificate is used, such as WSUS Publishers Self-signed, right-click Trusted Root Certification Authorities, click All Tasks, and then click Import. Complete the Certificate Import Wizard using the exported file from step 6.

  9. Right-click Certificates (update server name), click Connect to another computer, enter the computer name for the Updates Publisher computer, and click OK.

  10. If Updates Publisher is remote from the update server, repeat steps 7 through 9 to import the certificate to the certificate store on the Updates Publisher computer.

See Also

Tasks

How to Configure Group Policy on Client Computers
How to Configure the Digital Certificate on Client Computers
How to Configure the Update Server

Concepts

Updates Publisher Administrator Checklist