Catalog version 1.2.3, trying to publish our first update after purchase of Patch My PC. We've setup our WSUS to SSL - have both http and https available. Clients in testing have gone to the https side. I've got a valid cert on the publishing service, and have verified the updates are signed with same cert. Turned on publishing and the three clients i have in testing appear to have same cert. However, when running Windows Update, I get the above error.
{22EF6D8F-155B-495B-A0A0-C661FB1041E5} 2019-02-21 14:11:31:020-0500 1 148 [AGENT_DETECTION_FAILED] 101 {00000000-0000-0000-0000-000000000000} 0 800b0109 UpdateOrchestrator Failure Software Synchronization Windows Update Client failed to detect with error 0x800b0109. Km3z7UUvykqwGape.1.1.0.0.3.0
This means the clients don't trust the WSUS signing certificate. Please check out page 5 and 6 here: https://patchmypc.com/scupcatalog/documentation/PublishingServiceSetupGuide.pdf to make sure you deploy the certificate to the clients trusted root and trusted publishers certificate store.
This doesn't mean the cert on WSUS:8531, correct? It means the cert that's on the signature of the file/update?
Correct 0x800b0109 = A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
This means the client doesn't trust the certificate you used to sign the update files.
Got it all straightened out now, updates are working as designed. Great product, please keep up the great work!
We have a KB article again now for anyone else to gets this error and needs to resolution: https://patchmypc.com/third-party-updates-fail-to-install-with-error-0x800b0109-in-sccm (https://patchmypc.com/third-party-updates-fail-to-install-with-error-0x800b0109-in-sccm)