Messages

Thank you.

The situation was resolved by the "Allow signed updates for an intranet Microsoft update service location" policy.
Did not realize our GPO was issued to Desktops but not Servers for the above.

Issue Summary:
Third-party patches from PatchMyPC install successfully on Windows 10 but encounter an error ("Some update files aren't signed correctly, Error: 0x800b0109") on all editions of Windows Server.

Background:
The environment is airgapped, utilizing WSUS Standalone, with both WSUS and PatchMyPC on a source system connected to the internet. A self-signed certificate generated from the source WSUS is distributed to the airgapped environment through Group Policy. The same certificate is applied via the same GPO to both Windows 10 and Windows Server 2016/2019, residing in Trusted Root CA and Trusted Publishers on all operating systems.

Possible Cause:
The issue may stem from a missing supporting certificate. Attempts to resolve the problem by copying certificates from VeriSign and GlobalTrust from working Windows 10 machines, to the servers have been unsuccessful.

Do you guys know specifically what certificates are required or what might my problem be?