For details of Software Updates on Configuration Manager, see – http://technet.microsoft.com/en-us/library/bb680701.aspx

Below is the work that needs to be done on your WSUS server for native mode. Assuming you have already setup WSUS on another server using HTTP.

1. At the command prompt on the WSUS server, change the directory to Install Drive\Program Files\Update Services\Tools.
2. Execute the following command:wsusutil.exe configuressl <Machine FQDN>
   For example, check the ports binded to IIS for HTTPS, if it’s 8531, the URL would be https://server.domain.com:8531
3. Bind a webserver certificate to HTTPS on the WSUS server.
4. Ensure SSL is enabled on the virtual directories listed below:
   • ApiRemoting30
   • ClientWebService
   • DssAuthWebService
   • ServerSyncWebService
   • SimpleAuthWebService
5. To keep WSUS functioning, you should not require SSL for the following virtual roots:

• Content
• Inventory
• ReportingWebService
• SelfUpdate.

1. Monitor WCM.log and WSYNCMGR.log in C:\Program Files (x86)\Microsoft Configuration Manager\Logs to ensure WSUS sync is done successfully