WSUS Publishing Certificate

In order to deploy 3rd party updates via WSUS the server and the clients have to have the same self-signed certificate.

1. Launch Centero Software Manager and open WSUS-integration tab. Click Generate button in Server certificate section.

2. If there is no existing certificate (absent) on the server one will be created. If there already is a certificate (valid or not) CSM will confirm for replacing it. Click Yes if you would like to replace an existing certificate.

3. When a valid certificate exists, it must be deployed to clients in order to deploy the software updates. We recommend doing this by using a group policy object. Export the certificate by clicking Export button and save it to a location where you can access it with GPO management tool.

4. Open up Group Policy Management (gpmc.msc). Create a new GPO in a proper place and name it.

5. Edit it. And open the following container: Computer Configuration - Policies - Windows Settings - Security Settings - Public Key Policies.

6. Import the certificate to two different certificate-containers (Trusted Root Certification Authorities & Trusted Publishers) by clicking import.

7. Click Next.

8. Browser for the certificate, open it and click Next.

9. Click Next.

10. Click Finish.

11. Make sure that a similar certificate is in both of the certificate-containers: Trusted Root Certification Authorities and Trusted Publishers.

12. As soon as the GPO is is refreshed on the computers WSUS 3rd party deplyoments can be done.