Share via

WSUS REPLICATE + SSL

Arnaud 1 Reputation point
2022-06-29T07:58:42.3+00:00

Hi,

I just migrate my WSUS infrastructure from http (8530) to https(8531) and I'm surprise to see some connections on 8530 port.

To explain quickly my Infrastructure :

Site A : MasterWSUS server + clients pc

Site B : ReplicateWSUS server + clients pc

What I did :

I follow the steps to migrate both MasterWSUS and ReplicateWSUS : https://learn.microsoft.com/fr-fr/mem/configmgr/sum/get-started/software-update-point-ssl (using my own pki)

On the ReplicateWSUS I specified the MasterWSUS to be the Source.

I specify in GPO RepicateWSUS and MAsterWSUS

My problem (maybe it's not...) :

I saw a lot of connections on http8530 from my replicate to my master.

Is it because we require ssl only for those : 

ApiRemoting30  
ClientWebService  
DSSAuthWebService  
ServerSyncWebService  
SimpleAuthWebService

And not for other ? Thank You

Windows for business | Windows Server | User experience | Other

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Adam J. Marshall 10,786 Reputation points MVP
    2022-06-29T15:00:43.12+00:00

    WSUS uses HTTP for downloads and HTTPS for control communication. Both are required when using SSL. Think of it like FTP... control is on port 21, and the data is on port 20 (or when passive mode, using random ports above 1024)

    Some relevant links:
    https://www.ajtek.ca/wsus/how-to-setup-manage-and-maintain-wsus-part-7-ssl-setup-for-wsus-and-why-you-should-care/
    https://www.ajtek.ca/wsus/client-machines-not-reporting-to-wsus-properly/

    Was this answer helpful?

    1 person found this answer helpful.
    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.