Error Connecting to Update Service 80072F8F
We've been having issues where a majority of our newly imaged devices are able to install one round of Windows updates, but when the next month's updates are available, we start seeing various errors. These devices are also unable to install anything from the Microsoft Store. Below is a portion of the WindowsUpdate.log file:
FAILED [80072F8F] Send request
FAILED [80072F8F] WinHttp: SendRequestToServerForFileInformation (retrying with default proxy)
FAILED [80072F8F] Send request
FAILED [80072F8F] Library download error. Will retry. Retry Counter:0
FAILED [80072F8F] Send request
FAILED [80072F8F] WinHttp: SendRequestToServerForFileInformation (retrying with default proxy)
FAILED [80072F8F] Send request
FAILED [80072F8F] Library download error. Will retry. Retry Counter:1
FAILED [80072F8F] Send request
FAILED [80072F8F] WinHttp: SendRequestToServerForFileInformation (retrying with default proxy)
FAILED [80072F8F] Send request
FAILED [80072F8F] Library download error. Will retry. Retry Counter:2
FAILED [80072F8F] Send request
FAILED [80072F8F] WinHttp: SendRequestToServerForFileInformation (retrying with default proxy)
FAILED [80072F8F] Send request
Complete the request URL HTTPS://slscr.update.microsoft.com/SLS/{9482F4B4-E343-43B6-B170-9A65BC822C77}/x64/10.0.19045.3930/0?CH=399&L=en-US&P=&PT=0x4&WUA=10.0.19041.3693&MK=HP&MD=HP+EliteBook+860+16+inch+G9+Notebook+PC with [80072F8F] and http status code[0] and send SLS events.
FAILED [80072F8F] GetDownloadedOnWeakSSLCert
FAILED [80072F8F] Method failed [CSLSClient::GetResponse:702]
FAILED [80072F8F] Method failed [CSLSEndpointProvider::GetWUClientData:2650]
FAILED [80072F8F] EP: get client data
FAILED [80072F8F] Method failed [CSLSEndpointProvider::GetSecondaryServicesEnabledState:2050]
FAILED [80072F8F] Method failed [CAgentServiceManager::DetectAndToggleServiceState:3020]
FAILED [80072F8F] SLS sync failed during service registration.
I had found a few other examples of others with the same issues:
Windows Update: We couldn't connect to the update service. We'll try - Microsoft Community
Windows Update will not work after Windows 10 2004 (OS Build - Microsoft Community
Currently, we are able to resolve this issue with the fix from the above two threads (importing the reg entries from a working computer's HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates). Many of the devices that we've been having to perform this fix on are already in the hands of users, and it usually breaks M365 sign-in and Windows Hello until a reboot.
Ultimately, I'm looking for a way to either fix this issue on existing devices without any disruption to the end user or (preferably) stopping it from breaking in the first place.
Some other background info: The system clocks are correct on affected devices.
The usual DISM / SFC / Windows Update repairs have been run with no effect.
TLS 1.2 is enabled on affected devices.
Our security team is not seeing anything being blocked in the firewall (though if anybody has suggestions on what specifically to look for, I can forward that on to them).
This is happening to devices imaged through SCCM as well as our test devices that were done through Autopilot. (Both are Win10.) The WIM file in our SCCM image has the CU from January (1/24) injected into it; Autopilot devices are using either the manufacturer's image or a relatively recent ISO file from a USB stick.
Our updates are managed by Intune/Autopatch. I believe that excludes us from this issue: Certificates are missing after you update a device to a newer version of Windows 10 - Windows Client | Microsoft Learn. However, the fact that we only run into issues after updating once makes me think otherwise.
I'm open to any tips or suggestions if somebody has them. This first popped up for us last October and I feel like I've hit a wall in terms of troubleshooting.
7 answers
-
Wesley Li 11,255 Reputation points
2024-02-26T09:32:02.74+00:00 -
Wesley Li 11,255 Reputation points
2024-02-26T09:34:29.59+00:00 Hello. "80072F8F" means "content decode has failed". There may be something wrong with the encryption components. Since importing the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates registry key will resolve the issue, there may be something wrong with the certificate. We could try to enable the CAPI2 event log for more information to troubleshoot this issue. Right click the Event Viewer\Applications and Services\Microsoft\Windows\CAPI2\operation option and choose enable. Then reproduce the issue again; there should be some related events recorded.
-
Jonathan 21 Reputation points
2024-03-19T14:31:51.4566667+00:00 @Logan Burnis Did you find a solution (or why this happens) other than importing SystemCertificates\Authroot? I have exactly the same errors. Devices that are not often used, so when no users are connected, Windows Update does not update.
-
Jeremy King 0 Reputation points
2024-03-20T18:39:50.1466667+00:00 I have been having this issue also on a host of computers. I have found updating just the HKLM\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdate\DisallowedCertLastSyncTime value from a working machine fixes the issue temporarily. Seems to work for around a week. But that value never updates automatically like my working machines do. So after around a week, my updates start failing again. My windowsupdate.log has a failure of GetDownloadedOnWeakSSLCert. I enabled the CAPI2 event log, and seem to have some interesting errors there. An example error: "The revocation function was unable to check revocation because the revocation server was offline." for the Microsoft ECC Update Secure Server CA 2.1.
-
Jeremy King 0 Reputation points
2024-03-27T22:12:13.01+00:00 After trying many things, I noticed this command would tell me the last time the disallowed certificates were synced. I notice on a working computer it will sync every hour mostly, sometimes longer.
certutil -verifyctl Disallowed | findstr /i "lastsynctime"
On the computers that I could export a working reg and import into the broken computer, it would work for around a week, but the date for the disallowed cert would never update. After around a week it would stop updating again.
The one thing I have found to get it working is to add the Network Services user to the Local admin group. After a reboot of the machine, the disallowed date comes current and I am able to run Windows Update scans again.
I am guessing it is some kind of permission issue, but for now it is a workaround.
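
The two diagnostics suggested in the answers above (enabling the CAPI2 operational log and checking the Disallowed CTL sync time) can be gathered in one pass per device. The script below is an added example, not code posted by anyone in the thread. It assumes the `DisallowedCertLastSyncTime` registry value is an 8-byte FILETIME and that CAPI2 events carry their failure text in `<Result value="...">` XML elements; the 24-hour staleness threshold and 2-hour lookback are arbitrary.

```powershell
# Added example, not from the thread. Run elevated on an affected device.
$capiLog  = 'Microsoft-Windows-CAPI2/Operational'
$autoUpd  = 'HKLM:\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\AutoUpdate'
$valName  = 'DisallowedCertLastSyncTime'   # value named in the thread
$maxAge   = [TimeSpan]::FromHours(24)      # assumed threshold, tune per fleet
$lookback = (Get-Date).AddHours(-2)        # assumed window for CAPI2 errors

# Enable the CAPI2 operational log (same effect as the Event Viewer step).
wevtutil sl $capiLog /e:true

# Decode the registry timestamp. Assumption: REG_BINARY holding an 8-byte FILETIME.
$bytes = (Get-ItemProperty -Path $autoUpd -Name $valName -ErrorAction SilentlyContinue).$valName
$lastSync = $null
if ($bytes -is [byte[]] -and $bytes.Length -eq 8) {
    $lastSync = [DateTime]::FromFileTimeUtc([BitConverter]::ToInt64($bytes, 0))
}
$age = if ($null -ne $lastSync) { (Get-Date).ToUniversalTime() - $lastSync } else { $null }

# Cross-check with the certutil command quoted in the thread.
$certutilLines = certutil -verifyctl Disallowed | Select-String -Pattern 'lastsynctime'

# Collect CAPI2 error events (Level 2) and the <Result> text in their XML payload.
# Assumption: failures appear as <Result value="hex">text</Result> elements.
$filter = @{ LogName = $capiLog; Level = 2; StartTime = $lookback }
$errors = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    ForEach-Object {
        $evt = $_
        $results = [regex]::Matches($evt.ToXml(), '<Result value="([0-9A-Fa-f]+)">([^<]*)</Result>') |
            ForEach-Object { '{0}: {1}' -f $_.Groups[1].Value, $_.Groups[2].Value }
        [pscustomobject]@{
            Time    = $evt.TimeCreated
            Id      = $evt.Id
            Results = ($results | Select-Object -Unique) -join '; '
        }
    })

# Summary first, then the most recent CAPI2 errors.
[pscustomobject]@{
    Computer          = $env:COMPUTERNAME
    DisallowedSyncUtc = $lastSync
    SyncAgeHours      = if ($null -ne $age) { [math]::Round($age.TotalHours, 1) } else { $null }
    Stale             = ($null -eq $lastSync) -or ($age -gt $maxAge)
    CertutilOutput    = ($certutilLines | ForEach-Object { $_.Line.Trim() }) -join ' | '
    Capi2ErrorCount   = $errors.Count
} | Format-List

$errors | Sort-Object Time -Descending | Select-Object -First 10 | Format-Table -AutoSize -Wrap
```

Run it once to enable the log, reproduce the failed update scan, then run it again so the CAPI2 errors from the failed TLS handshake fall inside the lookback window.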