Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

Clients can't scan WSUS 4.0 server after June/July rollup installed

View products that this article applies to.


On a Windows Server Update Services (WSUS) 4.0 server that was configured to use the default website (leave as is, port 80 for WSUS traffic instead of 8530), you install the June or July monthly update or rollup. After that, you may find that clients can no longer successfully scan against the WSUS server.

↑ Back to the top


The June rollup (whose content is included in the July rollup and will be in all future rollups) adds a change to WSUS behavior that requires both HTTP and HTTPS bindings to be present in the IIS website configuration. When the server uses the default website, this HTTPS binding isn't automatically created. Installing a new WSUS server role after you apply either of these updates will generate the correct bindings, but existing WSUS installations must be manually updated to resume usual operation.

↑ Back to the top


Run the following commands at an elevated command prompt:

wsusutil.exe UseCustomWebsite true
wsusutil.exe UseCustomWebsite false

Note The two commands must be run in this order. The second command generates the HTTPS binding that's needed to unblock the scenario. However, it will only take effect if the website is configured as nondefault, which is done by the first command.

↑ Back to the top

Keywords: cannot scan wsus, wsus not working after installing rollup

↑ Back to the top

Article Info
Article ID : 4036995
Revision : 13
Created on : 8/24/2017
Published on : 8/24/2017
Exists online : False
Views : 333