SCCM 2012 R2 SUP Sync Error

Hi Guys,

My Primary software update point just started giving this error suddenly, it is running on Server 2008 R2, SUP ports are 80 and 443, nothing has changed but now when trying to run a Software Update sync, i get the following error in my wsyncmgr.log.

Sync failed: UssCommunicationError: WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. ---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.~~at System.Web.Services.Protocols.WebClientProtocol.GetWebResponse(WebRequest request). Source: Microsoft.SystemsManagementServer.SoftwareUpdatesManagement.WsusSyncAction.WSyncAction.SyncWSUS

I did recently add a downstream SUP role to one of my seconday sites which is running Server 2012 R2 if that helps.

Please could someone point me in the right direction.


Leon TaljaardSystem Center Specialist - ArchitectureAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Nagendra Pratap SinghDesktop Applications SpecialistCommented:
Are you using PKI?

Please check if your certificates are not expired and correctly imported.
Leon TaljaardSystem Center Specialist - ArchitectureAuthor Commented:

No we are not using PKI, this was all working perfectly about 2 days ago.

Just started recently.
Nagendra Pratap SinghDesktop Applications SpecialistCommented:
Please upload wcm.log as an attachment.
IT Pros Agree: AI and Machine Learning Key

We’d all like to think our company’s data is well protected, but when you ask IT professionals they admit the data probably is not as safe as it could be.

Leon TaljaardSystem Center Specialist - ArchitectureAuthor Commented:

I have attached the WCM.log from the primary SUP.

Could it be perhaps that the primary SUP is using ports 80 and 443 and the newly secondary site SUP being server 2012 R2 is using 8530 and 8531 ?
Nagendra Pratap SinghDesktop Applications SpecialistCommented:
I would remove SUP at secondary and see it it resolves .

Please upload wsyncmgr.log and let us know if it syncs sometime?

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Leon TaljaardSystem Center Specialist - ArchitectureAuthor Commented:

Apologies for the delayed reply but i have been traveling.

I checked the server again and the error was gone but i have the a timeout error now, i am busy cleaning up the WSUS DB to see if this will fix it, but my original question can be closed.

Thank you for the help and direction.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Applications

From novice to tech pro — start learning today.