I have our internal WSUS working over SSL for my entire domain EXCEPT for one particular OU. I can check for and download updates from all other machines with no problems. To complicate matters all of the clients in this problem OU are clones from the same image.
A few of the symptoms on the non-working clients:
- Duplicate SusClientIDs
- Domain certificates not automatically populated in certmgr.msc (as compared to all other machines where they are)
- If I change the WSUS GPO to HTTP the problem clients work with WSUS straight away.
I have addressed the duplicate SusClientID issue by deleting the bad registry entries and re-authenticating but still no joy over SSL. I have also corrected duplicate SIDs and no joy.
What on Earth am I missing?
Any help here is greatly appreciated.