SCUP Certificate Requirements
A System Centre Update Publisher 2011 certificate is a handy tool for a number of reasons. It is required if you want to publish updates to WSUS server and deploy updates to configuration manager clients. It is usually used with the System Centre Configuration Manager for third party software updates. This can be done in two ways. Either you can generate your own certificate which will be a self signed certificate through the System Centre Update Publisher 2011 or through your own Public Key Infrastructure.
There are many criteria to be met in order to be granted an SCUP certificate. Since the process is a long winded one, even small steps can determine its success or failure. Some of these are technical, and therefore guidance may be needed in understanding all the requirements.
Minimum criteria to be met by all SCUP certificate applicants:
- The first and foremost requirement to be met by an SCUP certificate issuing is to keep the enabled option on the private key to be exported.
- The key usage must be set to digital signature.
- The minimum key size must be at least 2048. It can be more than that as well but definitely not less than that.
Other requirements to obtain an SCUP certificate:
There are some other requirements to be issued an SCUP certificate and these are as follows:
- The procedure and minimum criteria for a code signing template whose subject type is user will be different from that whose subject type is machine. This must be checked for at the beginning of the process of generating your own SCUP certificate.
- Similarly, the process and minimum criteria for Windows Server 2008 R2 certification authority and group policy will be different than that of other configurations. Again, these must be cheeked for while generating the SCUP certificate.
Category: Certificate Requirements