Configure Publisher to Catalog (one-time setup)
- Open updates publisher
- Click on Catalog Workspace (lower left)
- Click on Add (not add catalogs)
- Catalog Path: http://catalog.jetpatch.com/JetPatch-Catalog.cab
- Publisher: JetPatch
- Name: JetPatch3rdPartyCatalog
- Description: JetPatch3rdPartyCatalog
- Support Contact: support@jetpatch.com
- Click OK
Importing Applications from JetPatch Catalog
In Tab Updates Workspace, click on "Import," select JetPatch Catalog (if you don't see JetPatch Catalog please contact the Support) and then click "Next".
2. On the following page, please approve the certificate and click "Next".
3. (Optional) In Case you already imported some of the programs, a window will pop-up asking you to confirm if you want to replace/overwrite the existing updates. Please click on "Yes to All"
4. Once the updates are successfully imported you will see a summary of the imported and/or overwritten applications. You can click "Close".
Publishing Applications to WSUS
1. Select as many application updates as you need, then click on "Publish".
2. In the Publish option windows, select "Full Content" and then click "Next".
3. On the following page, the process of publishing will start and certificates windows will appear and ask you to accept each application's certificates. Please accept them all. The process can be long depending on the chosen updates. Please be patient.
Note: you can configure automatic updates as well (see article).
Resolving Publishing Errors
If you encounter any errors while publishing, please follow these steps to resolve the issue:
- Verify Certificate Installation: Ensure that the certificate is properly installed in all three required locations on WSUS using the MMA console. You can verify this with the following PowerShell command.
Get-ChildItem -Path Cert:\LocalMachine\My | Where-Object {$_.Subject -like "*WPP*"}
The correct configuration will produce 3 lines of output.
2. Check File Accessibility: Confirm that you can download the file from the WSUS server catalog. Issues such as proxy or firewall settings might block the connection. Here are links to check:
http://catalog.jetpatch.com/10mb.msi
http://catalog.jetpatch.com/7z-24.4.0.0-x64.msi
Ensure that the downloaded file retains the exact same name as provided in the link.
3. Verify that WSUS can access http://timestamp.digicert.com
4. Run a file download test using PowerShell, as it should utilize the same network configuration as the SCUP application (often different from browser settings). If the download fails, escalate the issue to the network team for further investigation and resolution.
Invoke-WebRequest -Uri http://catalog.jetpatch.com/10mb.msi -OutFile 10mb.msi
If it fails, escalate the issue to the network team for resolution.
- Note: if there is a proxy enabled, see this article
Configuring Jetpatch to support 3rd Party Updates
The following changes in WSUS scrips are made in intigua.properties file.
1. To edit configurations ssh JetPatch Application server and edit the intigua.properties file:(usr/share/tomcat/default/conf/intigua.properties)
Do this step ONLY if using
pg.wsus.target-patch-categories
If you are using this property already, append at the end "Updates" to the list of items
Please refer to the article Relevant Patches to pull based on the patch classification
Note: any changes to the properties file requires a tomcat restart (service tomcat restart)
Manually run of WSUS get updates full scan can be forced by appending the following to the JetPatch URL:/vmanage-server/rest/experimental/patch-governance/jobs/fetch-wsus/run?fullScan=true
Should look like this:
Note:
1. Run it only once. {} mean it was started successfully. It can take up to 20 minutes for new updates to appear in the Patches Catalog.
2. Make sure to select All in "Patches Status".
What's Next
Configure Windows Endpoints for 3rd Party Updates
Comments
0 comments
Article is closed for comments.