Common Errors and Resolutions for System Center Updates Publisher 2011

System Center Updates Publisher 2011 has been released recently.
You can download it now from: https://www.microsoft.com/downloads/en/details.aspx?FamilyID=083f45ca-1ede-4f7a-be74-77854c3a9b01&displaylang=en

When you start your surfing on the new release of SCUP, you may encounter some common errors. This blog will list some of the common error you may receive and tell you the reason and how to solve it: 

Error code/info	Possible reason and resolution
In SCUP.log cannot access a closed Stream	WSUS hotfix not installed.
In SCUP.log Publisher.SignPackageCab Error signing cab	You’re in a network without direct internet access.Uncheck the “Add timestamp when signing updates (requires internet connectivity)” in Options->Advanced.
In SCUP.log WindowsDataProtection was unable to decrypt data	Only enable proxy when you actually need it to download from internet.And disable proxy when you need to download content from local UNC.
In SCUP.log CabUtilities.CheckCertificateSignature File cert verification failed for \\minfang2\UpdateServicesPackages\f19878e1-020a-41c0-a2d9-47a0ccaffbeb\247cff60-f85c-48f8-ba37-ebcaaa831540_1.cab with 2148204810 Publisher.VerifyAndPublishPackage VerifyAndPublishPackage(): Failed to Verify Signature for file: \\minfang2\UpdateServicesPackages\f19878e1-020a-41c0-a2d9-47a0ccaffbeb\247cff60-f85c-48f8-ba37-ebcaaa831540_1.cab	If you’re using a pfx file to create the signing certificate, make sure you have imported its root CA into the Trusted Root CA and Trusted Publisher Store.
In WindowsUpdate.log Update failed to install with error code:0x80242009	The msp package doesn’t have FullFilePatchCode attribute.
In WindowsUpdate.log Update shows not applicable:WARNING: update {7A546DBB-8BB9-4245-B043-2F0D50CF063F}.1 has no install blob, prune itAnd finally it will failed with error code 0x80240017 in SMS log (SUS_E_NOT_APPLICABLE, install is not needed)	Try to install an update that has been published as metadata only. Customers need to publish it as full content again before they deploy it to client.Metadata only publish is for scan purpose only.
In WindowsUpdate.log Update is not trusted:WARNING: Digital Signatures on file C:\Windows\SoftwareDistribution\Download\ c82fa2bbf58594e72a7d6fcdd0e61459_ctc\sccm2007ac-sp2-kb977384-x86-enu.cab are not trusted: Error 0x800b0109	Check wsus certificate is imported and “Allow signed content from intranet Microsoft update service location” is enabledhttps://technet.microsoft.com/en-us/library/bb530992.aspx
In WindowsUpdate.log Update is not trusted:Trusted Publisher: No2010-12-05 18:48:15:578 868 cb0 Misc WARNING: Digital Signatures on file C:\WINDOWS\SoftwareDistribution\Download\ c6872cb69b5355433e2bd4a1c75a3399ef1ffb2d are not trusted: Error 0x800b0004	Verify if you have published this update as metaonly.
In PatchDownload.log Patch download fail:Connected to \\SCCMVM01232\root\sms\site_CAR Software Updates Patch Downloader 3/31/2011 6:49:34 PM 6420 (0x1914)Download destination = \\sccmvm01232\sus\6c4996dd-2d0b-4607-8735-f250fadf3041.1\Advert.exe . Software Updates Patch Downloader 3/31/2011 6:49:35 PM 6420 (0x1914)Contentsource = https://updatespublishermetadataonlysoftwareupdate/ . Software Updates Patch Downloader 3/31/2011 6:49:35 PM 6420 (0x1914)Downloading content for ContentID = 43, FileName = Advert.exe. Software Updates Patch Downloader 3/31/2011 6:49:35 PM 6420 (0x1914)HttpSendRequest failed 12007 Software Updates Patch Downloader 3/31/2011 6:49:35 PM 3960 (0x0F78)	Verify if you have published this update as full content.

Comments

• Anonymous
  January 05, 2012
  Common Errors and Resolutios  ---   Check your spelling please  :-)

• Anonymous
  January 17, 2013
  Thanks for this blog - it was very helpful for me!

• Anonymous
  April 23, 2013
  Thanks alot

• Anonymous
  May 28, 2013
  Hi - Can anyone explain about the error and solution.. Error 0x800B0004: The subject is not trusted for the specified action.

• Anonymous
  August 12, 2015
  Is it possible to expire a scup package - if you don't have the pfx it was signed with? I do have the pfx actually, but the password doesn't seem to be in any of the keypass databases we keep.

• Anonymous
  September 22, 2015
  Thanks.. Good port and it helped me