Errors below received when attempting to sync Dell third-Party Software Update Catalog. Dell updates such as BIOS are appearing under All Software Updates, but the sync will not show as successful. Already tried unsubscribing and re-subscribing.
SyncUpdateCatalog: Unexpected error during synchronization of catalog SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:36:33 AM 2068 (0x0814)
SyncUpdateCatalog: ==================== Exception Detail Start ======================= SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:36:33 AM 2068 (0x0814)
SyncUpdateCatalog: Exception type: WsusObjectNotFoundException SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:36:33 AM 2068 (0x0814)
SyncUpdateCatalog: Exception HRESULT: -2146233088 SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:36:33 AM 2068 (0x0814)
SyncUpdateCatalog: Exception Message: Cannot publish package, the following Prerequisites haven't been published yet.~~c85d3eef-07cd-4ee8-858d-7d2b1b9d7246, ff87fb86-3b4e-498b-946f-d162fb06e517, 45918db7-d45d-47d1-803c-74d4fef63688, c0ff1b23-3edb-4e85-9d11-3621b4e4393b SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:36:33 AM 2068 (0x0814)
SyncUpdateCatalog: Exception source Microsoft.UpdateServices.BaseApi SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:36:33 AM 2068 (0x0814)
SyncUpdateCatalog: Exception TargetSite Void VerifyPackageRulesAndState() SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:36:33 AM 2068 (0x0814)
SyncUpdateCatalog: Stack at Microsoft.UpdateServices.Internal.BaseApi.Publisher.VerifyPackageRulesAndState()~~ at Microsoft.UpdateServices.Internal.BaseApi.Publisher.RevisePackage()~~ at Microsoft.UpdateServices.Internal.BaseApi.Update.ExpirePackage()~~ at Microsoft.ConfigurationManager.ISVUpdatesSyncAgent.WSUS.UpdateServicesWrapper.ExpireUpdate(ILogger logger, ISoftwareDistributionPackageWrapper updateSdp)~~ at Microsoft.ConfigurationManager.ISVUpdatesSyncAgent.SyncUpdateCatalog.PublishUpdate(PublishStateEvaluator wsusEvaluator, ISoftwareDistributionPackageWrapper updateSdp, PublishAction updatePublishAction, CategoryPublishOption categoryStatus, List1 successList, List
1 failedList)~~ at Microsoft.ConfigurationManager.ISVUpdatesSyncAgent.SyncUpdateCatalog.PublishUpdates()~~ at System.Threading.Tasks.Task`1.InnerInvoke()~~ at System.Threading.Tasks.Task.Execute()~~--- End of stack trace from previous location where exception was thrown ---~~ at System.Runtime.ExceptionServices.ExceptionDispatchInfo.Throw()~~ at System.Runtime.CompilerServices.TaskAwaiter.HandleNonSuccessAndDebuggerNotification(Task task)~~ at Microsoft.ConfigurationManager.ISVUpdatesSyncAgent.SyncUpdateCatalog.<DoWorkImplementation>d__19.MoveNext() SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:36:33 AM 2068 (0x0814)
SyncUpdateCatalog: ===================== Exception Detail End ======================== SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:36:33 AM 2068 (0x0814)
STATMSG: (SRVMSG_SMS_ISVUPDATES_SYNCAGENT_CATALOG_SYNC_FAILED). SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:36:33 AM 2068 (0x0814)
Errors below when attempting to publish a third party update from any third party vendor, not just Dell. Already confirmed the WSUS Code Signing Certificate is installed in the correct local computer certificate locations (Trusted Publishers and trusted root containers) on the site server, remote wsus server, remote SUSDB server, and MECM console client (also fails when syncing from site server). I also confirmed I can download the dell .cab directly. I already tried re-creating a new WSUS Code Signing Certificate with same results.
The EnableSelfSignedCertificates registry entry (HKLM\Software\Microsoft\Update Services\Server\Setup, DWORD named EnableSelfSignedCertificates with a value of 1) has also been added to the site server, remote wsus server, and remote SUSDB server. The WSUS Code Signing Certificate along with Dell certs are unblocked in the ConfigMgr console under Administration>Security>Certificates.
I'm wondering if having a SUSDB that is on a remote SQL server separate from the remote WSUS server is not supported for third party updates vs. having WSUS and the SUSB on the same server. I'm looking for clarification on this and a solution other than having to rebuild WSUS.
SyncUpdate: 0c9dd6bc-56fe-4bfc-bf57-077feb52c56f - Download of is 96 percent completed. SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:24 AM 5336 (0x14D8)
SyncUpdate: 0c9dd6bc-56fe-4bfc-bf57-077feb52c56f - Successfully completed download of content from 'https://downloads.dell.com/FOLDER08416075M/1/OptiPlex_XXXX_1.11.0.exe' to 'E:\SMS\ISVTemp\lftf1ep1.dho\OptiPlex_XXXX_1.11.0.exe. SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:24 AM 1280 (0x0500)
SyncUpdate: File 'E:\SMS\ISVTemp\lftf1ep1.dho\OptiPlex_XXXX_1.11.0.exe' appears to be signed, retrieved certificate, checking signature... SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:24 AM 5176 (0x1438)
SyncUpdate: 0c9dd6bc-56fe-4bfc-bf57-077feb52c56f - Signature check on download binary has completed. SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:25 AM 5176 (0x1438)
SyncUpdate: 0c9dd6bc-56fe-4bfc-bf57-077feb52c56f - Calling WSUS to add content for 'Dell OptiPlex XXXX System BIOS,1.11.0,1.11.0' (Update:'0c9dd6bc-56fe-4bfc-bf57-077feb52c56f') Vendor 'Dell' Product:'Bios' SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:25 AM 8976 (0x2310)
SyncUpdate: InvalidException occurred in update server API Publish SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:57 AM 8976 (0x2310)
SyncUpdate: ==================== Exception Detail Start ======================= SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:57 AM 8976 (0x2310)
SyncUpdate: Exception type: InvalidOperationException SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:57 AM 8976 (0x2310)
SyncUpdate: Exception HRESULT: -2146233079 SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:57 AM 8976 (0x2310)
SyncUpdate: Exception Message: Failed to sign package; error was: 2148081670 SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:57 AM 8976 (0x2310)
SyncUpdate: Exception source Microsoft.UpdateServices.BaseApi SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:57 AM 8976 (0x2310)
SyncUpdate: Exception TargetSite Void SignPackageCab(Boolean, System.String) SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:57 AM 8976 (0x2310)
SyncUpdate: Stack at Microsoft.UpdateServices.Internal.BaseApi.Publisher.SignPackageCab(Boolean dualSign, String httpTimeStamp)~~ at Microsoft.UpdateServices.Internal.BaseApi.Publisher.PublishPackage(String sourcePath, String additionalSourcePath, String packageDirectoryName, Boolean dualSign, String httpTimeStamp)~~ at Microsoft.ConfigurationManager.ISVUpdatesSyncAgent.WSUS.UpdateServicesWrapper.AddContentForUpdate(ILogger logger, ISoftwareDistributionPackageWrapper updateSdp, String contentLocation, StatusMessageReporter statusMessageReporter) SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:57 AM 8976 (0x2310)
SyncUpdate: ===================== Exception Detail End ======================== SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:57 AM 8976 (0x2310)
SyncUpdate: Verify the WSUS signing certificate has been configured properly: SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:57 AM 8976 (0x2310)
SyncUpdate: 1) The signing certificate must not be expired. SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:57 AM 8976 (0x2310)
SyncUpdate: 2) The signing certificate must be in the Trusted Publishers container on the WSUS server. SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:57 AM 8976 (0x2310)
SyncUpdate: 3) If using self-signed certificates, the certificate must also be in the trusted root container on the WSUS server. SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:57 AM 8976 (0x2310)
SyncUpdate: 4) If using PKI certificates, the certificate must have been issued by a trusted CA. SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:57 AM 8976 (0x2310)
STATMSG: (SRVMSG_SMS_ISVUPDATES_SYNCAGENT_UPDATECONTENT_PUBLISH_FAIL_CERTCONFIG). SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:57 AM 8976 (0x2310)
SyncUpdate: 0c9dd6bc-56fe-4bfc-bf57-077feb52c56f - Failed to add content for 'Dell OptiPlex XXXX System BIOS,1.11.0,1.11.0' (Update:'0c9dd6bc-56fe-4bfc-bf57-077feb52c56f') Vendor 'Dell' Product:'Bios' to WSUS. SMS_ISVUPDATES_SYNCAGENT 6/7/2022 10:42:57 AM 8976 (0x2310)