5. Procedure – Enabling Windows update
Purpose:
To enable Windows update for the clients protected by the firewall, you have to import the certificate of the PNS CA that signs the certificates in keybridging into the client machines. To accomplish this, complete the following steps on the client hosts.
Note |
---|
An alternative to this solution is to disable SSL-proxying for the |
Prerequisite:
You will need the certificate of the PNS CA that signs the certificates in keybridging into the client machines. Export this certificate from MS, and make it available on your client hosts.
Steps:
Start the Microsoft Management Console (
).Select
.Click
, then select .Select
, then click .Select
and click . The Certificates module has been added to the Console Root tree.Expand the
node, then expand the node. Right-click on theCertificates
node, select , then click .Click PNS CA to be imported.
on the Welcome to the Certificate Import Wizard page. On the File to Import page, click , and locate the certificate of theOn the Certificate Store page, accept the default setting (
), click , then .Note Application-level Gateway must be able to verify the certificates of the Windows Update servers. To accomplish this, the certificates of the certificate authorities (CAs) issuing the certificates of the Windows update servers have to be imported into Application-level Gateway, if not already present. The following certificates have to be imported:
Microsoft Secure Server Authority
Microsoft Internet Authority
GTE CyberTrust Global Root
Published on June 04, 2020
© 2007-2019 BalaSys
Send your comments to support@balasys.hu