MECM 2309 version | WSUS Sync issue |

Santhosh B S 101 Reputation points
2024-11-16T03:39:06.1033333+00:00

Team,

I have a Primary site on SUP role installed on another device. Both are running on Win server 2012 R2. SCCM is on 2309 version. (We have a plan to upgrade OS)

All settings intact but recently WSUS Sync stopped working and all required certificate is in place (recently renewed 2 months back). Running out of ideas. please help

WSYNCMGR.log

\\

Sync failed: WSUS server not configured. Please refer to WCM.log for configuration error details.. Source: CWSyncMgr::DoSync SMS_WSUS_SYNC_MANAGER 16/11/2024 02:40:15 6264 (0x1878)

STATMSG: ID=6703 SEV=E LEV=M SOURCE="SMS Server" COMP="SMS_WSUS_SYNC_MANAGER" SYS=PRI Site Server SITE=DC1 PID=3624 TID=6264 GMTDATE=Sat Nov 16 02:40:15.388 2024 ISTR0="CWSyncMgr::DoSync" ISTR1="WSUS server not configured. Please refer to WCM.log for configuration error details." ISTR2="" ISTR3="" ISTR4="" ISTR5="" ISTR6="" ISTR7="" ISTR8="" ISTR9="" NUMATTRS=0 LE=0X80004005 SMS_WSUS_SYNC_MANAGER 16/11/2024 02:40:15 6264 (0x1878)

Sync failed. Will retry in 60 minutes SMS_WSUS_SYNC_MANAGER 16/11/2024 02:40:15 6264 (0x1878)

\\

WCM.log

\\

Checking for supported version of WSUS (min WSUS 4.0) SMS_WSUS_CONFIGURATION_MANAGER 16/11/2024 03:32:34 6248 (0x1868)

Checking runtime v4.0.30319... SMS_WSUS_CONFIGURATION_MANAGER 16/11/2024 03:32:34 6248 (0x1868)

Found supported assembly Microsoft.UpdateServices.Administration version 4.0.0.0, file version 6.3.9600.16384 SMS_WSUS_CONFIGURATION_MANAGER 16/11/2024 03:32:34 6248 (0x1868)

Found supported assembly Microsoft.UpdateServices.BaseApi version 4.0.0.0, file version 6.3.9600.18838 SMS_WSUS_CONFIGURATION_MANAGER 16/11/2024 03:32:34 6248 (0x1868)

Supported WSUS version found SMS_WSUS_CONFIGURATION_MANAGER 16/11/2024 03:32:34 6248 (0x1868)

Attempting connection to WSUS server: SCCMWSUS SERVER, port: 8531, useSSL: True SMS_WSUS_CONFIGURATION_MANAGER 16/11/2024 03:32:34 6248 (0x1868)

Remote connection failed with exception 'System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.~~ at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)~~ at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest, Boolean renegotiation)~~ at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)~~ at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)~~ at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)~~ at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)~~ at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)~~ at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)~~ at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)~~ at System.Net.ConnectStream.WriteHeaders(Boolean async)~~ --- End of inner exception stack trace ---~~ at Microsoft.UpdateServices.Administration.AdminProxy.CreateUpdateServer(Object[] args)~~ at Microsoft.SystemsManagementServer.WSUS.WSUSServer.ConnectToWSUSServer(String ServerName, Boolean UseSSL, Int32 PortNumber)'. Attempting to bypass proxy SMS_WSUS_CONFIGURATION_MANAGER 16/11/2024 03:32:35 6248 (0x1868)

Unable to configure proxy bypass SMS_WSUS_CONFIGURATION_MANAGER 16/11/2024 03:32:35 6248 (0x1868)

System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.~~ at System.Net.Security.SslState.StartSendAuthResetSignal(ProtocolToken message, AsyncProtocolRequest asyncRequest, Exception exception)~~ at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.ProcessReceivedBlob(Byte[] buffer, Int32 count, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.CheckCompletionBeforeNextReceive(ProtocolToken message, AsyncProtocolRequest asyncRequest)~~ at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest, Boolean renegotiation)~~ at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)~~ at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)~~ at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx)~~ at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)~~ at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result)~~ at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size)~~ at System.Net.PooledStream.Write(Byte[] buffer, Int32 offset, Int32 size)~~ at System.Net.ConnectStream.WriteHeaders(Boolean async)~~ --- End of inner exception stack trace ---~~ at Microsoft.SystemsManagementServer.WSUS.WSUSServer.ConnectToWSUSServer(String ServerName, Boolean UseSSL, Int32 PortNumber) SMS_WSUS_CONFIGURATION_MANAGER 16/11/2024 03:32:35 6248 (0x1868)

Remote configuration failed on WSUS Server. SMS_WSUS_CONFIGURATION_MANAGER 16/11/2024 03:32:35 6248 (0x1868)

Microsoft System Center
Microsoft System Center
A suite of Microsoft systems management products that offer solutions for managing datacenter resources, private clouds, and client devices.
1,023 questions
Microsoft Configuration Manager
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. AllenLiu-MSFT 45,761 Reputation points Microsoft Vendor
    2024-11-18T06:01:34.4433333+00:00

    Hi, @Santhosh B S

    Thank you for posting in Microsoft Q&A forum.

    It seems that your WSUS synchronization issue may be related to SSL certificate validation. The error message indicates that the remote certificate is invalid according to the validation procedure, which suggests that there might be a problem with the SSL configuration on your WSUS server.

    Here are some steps you can take to troubleshoot the issue:

    1. Verify SSL Certificate: Ensure that the SSL certificate installed on the WSUS server is valid and not expired. The fully qualified domain name (FQDN) specified in the Site System properties must match the FQDN in the certificate.
    2. Check WSUS Configuration: Make sure that the WSUS server is configured to use SSL correctly. You can verify this by checking the WSUS console settings and ensuring that the "Use SSL when synchronizing update information" option is selected.
    3. Review Port Settings: Confirm that the port settings configured for the software update point match those used by the WSUS server. This includes ensuring that the correct port (8531) is being used for SSL connections.
    4. Check Connectivity: If the WSUS server is remote, ensure that the site server can connect to it. You can test this by using the WSUS Administration console to connect to the WSUS server and checking for any connectivity issues.

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Add comment".

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.