Forum Discussion
WSUS Certificate pinning
Hi, is there any docs as to how to enable certificate pinning? Asking because in those posts, it says that we can do this to secure our WSUS servers, but I can't seem to find out to actually do i...
Jason_Sandys
Microsoft
MicrosoftHi Stephane,
The details are documented at https://docs.microsoft.com/en-us/mem/configmgr/core/clients/deploy/about-client-settings#enforce-tls-certificate-pinning-for-windows-update-client-for-detecting-updates. Basically, you need to add the HTTPS cert configured for WSUS to the WindowsServerUpdateServices cert store on the clients.
The details are documented at https://docs.microsoft.com/en-us/mem/configmgr/core/clients/deploy/about-client-settings#enforce-tls-certificate-pinning-for-windows-update-client-for-detecting-updates. Basically, you need to add the HTTPS cert configured for WSUS to the WindowsServerUpdateServices cert store on the clients.