WSUS Server also needs a certificate for SSL communication. Start IIS, choose server and double click Server Certificates
Under the Actions Panel, choose Create a Domain Certificate
Specify the information about your organization
Select your Root CA and give a name to your WSUS certificate.
Choose WSUS web site and click Bindings
Select the WSUS certificate you just created from the list box.
We also need to enable SSL encryption on the following virtual folders
• ApiRemoting30, ClientWebService, DSSAuthWebService, ServerSyncWebService, SimpleAuthWebService
Choose each virtual folder and double click SSL Settings
Select “Require SSL” and make sure Ignore is selected under Client Certificates and click Apply under the Actions panel.
Now we need to execute a command that will make wsus to use SSL.
Start Command Prompt with admin priviledges
Navigate to your WSUS installation folder, and run the command :
Now, Restart your WSUS server using the commands below and now your wsus server should be able communicate over SSL.
net stop WSUSService
net start WSUSService