So we auto patch servers using WSUS (Version: 6.2 on Server 2012) which is great as all servers (and we have loads) get patched and we don’t have to do anything (except fix shitty MS updates).
Last week WSUS patched itself and all of a sudden the WSUS Admin console was inaccessible:
Clicking the copy error to clipboard gave this:
The WSUS administration console was unable to connect to the WSUS Server via the remote API. Verify that the Update Services service, IIS and SQL are running on the server. If the problem persists, try restarting IIS, SQL, and the Update Services Service. The WSUS administration console has encountered an unexpected error. This may be a transient error; try restarting the administration console. If this error persists, Try removing the persisted preferences for the console by deleting the wsus file under %appdata%\Microsoft\MMC\. System.IO.IOException -- The handshake failed due to an unexpected packet format. Source System Stack Trace: at System.Net.Security.SslState.StartReadFrame(Byte[] buffer, Int32 readBytes, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.StartSendBlob(Byte[] incoming, Int32 count, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest) at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult) at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state, Boolean preserveSyncCtx) at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state) at System.Net.TlsStream.ProcessAuthentication(LazyAsyncResult result) at System.Net.TlsStream.Write(Byte[] buffer, Int32 offset, Int32 size) at System.Net.ConnectStream.WriteHeaders(Boolean async) ** this exception was nested inside of the following exception ** System.Net.WebException -- The underlying connection was closed: An unexpected error occurred on a send. Source Microsoft.UpdateServices.Administration Stack Trace: at Microsoft.UpdateServices.Administration.AdminProxy.CreateUpdateServer(Object[] args) at Microsoft.UpdateServices.UI.AdminApiAccess.AdminApiTools.GetUpdateServer(String serverName, Boolean useSecureConnection, Int32 portNumber) at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.ConnectToServer() at Microsoft.UpdateServices.UI.SnapIn.Scope.ServerSummaryScopeNode.get_ServerTools()
So after much Googling I found KB3148812 is the update that broke it.
To recover your console, run the following in an elevated command prompt (assuming Windows is installed on drive C):
cd C:\Program Files\Update Services\Tools
Wsusutil.exe postinstall /servicing
Then reset the server node or reboot WSUS, and you’re back in!
Once your back you may find that client scans against WSUS no longer succeed.
To restore client-server communication, enable HTTP Activation on your WSUS server via the Add Features and Roles Wizard in your Server Manager:
Job Done.
Thank you for this post. Had the exact same issue. Managed to fix without adding the HTTP feature after running Wsusutil.exe and resetting the server node.
Fixed my home lab WSUS server on 2012 R2.
Thank you 🙂
You rock 10x
Thank you! Ran into the same problem on Win2012R2 after applying a large batch of patches.
This fixed it.
Thank you very much for this solution! my WSUS installation is working again!
Worked for me too. Thanks a ton!
Thanks for the write-up. This fixed my problem.
Thank you for your sharing… followed your recommended steps and it recovered my WSUS on W2012R2 which fails with the same problem after installing updates… YOU ROCK!!!
Thank you for your post! Totally worked on our W2012R2 server. Just mirroring what everyone else is saying, you are a rockstar!
Hi,
Thank you for the post – it worked.
The problem reappears – I rebooted WSUS it started working and after 4-5 hours the problem reappeared.
Do you share the same problem?
Wow, this worked a treat! Thank you so much!
Wow, not expected but it fixed my issue too, thanks a million.
Wonderful, So fixed for me, Thanks so much
Thanks, saved me hours of searching why WSUS wasn’t working any longer. Don’t love how MS are able to make their own programs crash with their own updates. Not the first time something like this happened to me…
Thanks man – this really helped me out! keep up the good work…..
Thanks man,
This saved me loads of time!
Still helping people out in 2019
Thanks!