SUP Sync Fail in SCCM 2012 SP1 (or Higher)

I recently had to reinstall WSUS and the SUP role on my Primary Site server (stop asking me why…I’m not telling). It had been so long since I’ve done this that I TOTALLY forgot about a fun little “gotcha”.

After installing the WSUS server role and adding the SUP role to my SCCM server, I went to the typical logs (WCM.log, WSYNCMGR.log, WSUSCtr.log) with the idea that I would sit back, relax and enjoy all of the fruit that my left-clicking had to bare.

“Sync failed: WSUS update source not found on site”


So, a little detail that I forgot is the fact that

WSUS 3.0 SP2 in conjunction with SCCM 2012 SP1 requires a patch (with an optional patch as well):

Applying KB2720211 will alleviate the errors you see when WSUS attempts to sync with the interwebs by implementing a new certificate management process. KB2734608 actually includes KB2720211, so you can simply apply that hotfix if you so desire. This KB also modifies the SUP DB schema to support SHA256 hashes, which is necessary for patching Windows 8 and Server 2012 machines.

Happy updating!