No Windows Updates with SSL Inspection

Spielkultur_1
Spielkultur_1 Posts: 13  Freshman Member
First Comment
edited April 2021 in Security

Hello together,

if the ssl inspection is turned on, no more windows updates can be executed on the clients. I have already read that it´s a certificate problem and that you have to exclude the windows update domains from the ssl inspection. I have already done that, but unfortunately it has brought nothing. I excluded the following domains from SSL inspection:

windowsupdate.microsoft.com 

update.microsoft.com 

download.windowsupdate.com 

redir.metaservices.microsoft.com 

images.metaservices.microsoft.com 

c.microsoft.com 

download.windowsupdate.com 

wustat.windows.com 

crl.microsoft.com


Can anyone help me with this problem?

Thanks!

All Replies

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,426  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer

    Hi @Spielkultur_1

    Can you help to check if there is any other domain related to Microsoft in USG Certificate Cache List?  


    Certificate Cache List at “Monitor > UTM Statstics > SSL inspection > Certificate Cache List”


  • itxnc
    itxnc Posts: 98  Ally Member
    First Anniversary 10 Comments Friend Collector
    edited October 2019
    Add *.mp.microsoft.com

    Fixed it for me.

Security Highlight