Installing and configuring WSUS, this is a task I have done time and time again BUT only a few of those has involved configuring SSL for WSUS. I was given a task to set up a WSUS for multiple customers within our datacenter and outside our datacenter so using a certificate and SSL was needed. After following Microsoft’s article on Securing WSUS with SSL¬†and adding the appropriate DNS records I fired up the WSUS Management console and could not connect to the server on port 443 as configured in IIS.

The server responded to ping using the FQDN I had assigned to it so no problem there. It just didn’t seem to accept the FQDN so I remembered a registry setting I used during migrations providing aliases to servers. The registry value should be located here, if it is not there just create it.

HKLM\SYSTEM\CurrentControlSet\Control\LSA\MSV1_0

Name: BackConnectionHostNames

Type: REG_MULTI_SZ

Value(s): Add the fqdn you want it to listen to e.g. server.domain.com, one line for each entry if you wish to have more than one.

After adding the FQDN and performing an IISRESET from an elevated command prompt I could establish a connection to the WSUS server using the FQDN and desired port.