For details of Software Updates on Configuration Manager, see – http://technet.microsoft.com/en-us/library/bb680701.aspx
Below is the work that needs to be done on your WSUS server for native mode. Assuming you have already setup WSUS on another server using HTTP.
- At the command prompt on the WSUS server, change the directory to Install Drive\Program Files\Update Services\Tools.
- Execute the following command:wsusutil.exe configuressl <Machine FQDN>
For example, check the ports binded to IIS for HTTPS, if it’s 8531, the URL would be https://server.domain.com:8531 - Bind a webserver certificate to HTTPS on the WSUS server.
- Ensure SSL is enabled on the virtual directories listed below:
- ApiRemoting30
- ClientWebService
- DssAuthWebService
- ServerSyncWebService
- SimpleAuthWebService
- To keep WSUS functioning, you should not require SSL for the following virtual roots:
- Content
- Inventory
- ReportingWebService
- SelfUpdate.
- Monitor WCM.log and WSYNCMGR.log in C:\Program Files (x86)\Microsoft Configuration Manager\Logs to ensure WSUS sync is done successfully