• Welcome to Support Forum: Get Support for Patch My PC Products and Services.
 

Some update files aren't signed correctly. Error code: 0x800b0109

Started by rcarr, February 21, 2019, 12:23:12 PM

Previous topic - Next topic

rcarr

Catalog version 1.2.3, trying to publish our first update after purchase of Patch My PC. We've setup our WSUS to SSL - have both http and https available. Clients in testing have gone to the https side. I've got a valid cert on the publishing service, and have verified the updates are signed with same cert. Turned on publishing and the three clients i have in testing appear to have same cert. However, when running Windows Update, I get the above error.

{22EF6D8F-155B-495B-A0A0-C661FB1041E5}   2019-02-21 14:11:31:020-0500   1   148 [AGENT_DETECTION_FAILED]   101   {00000000-0000-0000-0000-000000000000}   0   800b0109   UpdateOrchestrator   Failure   Software Synchronization   Windows Update Client failed to detect with error 0x800b0109.   Km3z7UUvykqwGape.1.1.0.0.3.0

Justin Chalfant (Patch My PC)

This means the clients don't trust the WSUS signing certificate. Please check out page 5 and 6 here: https://patchmypc.com/scupcatalog/documentation/PublishingServiceSetupGuide.pdf to make sure you deploy the certificate to the clients trusted root and trusted publishers certificate store.

rcarr

This doesn't mean the cert on WSUS:8531, correct? It means the cert that's on the signature of the file/update?

Justin Chalfant (Patch My PC)

Correct 0x800b0109 = A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.

This means the client doesn't trust the certificate you used to sign the update files.

rcarr

Got it all straightened out now, updates are working as designed. Great product, please keep up the great work!

Justin Chalfant (Patch My PC)