Posted on

WSUSpool keeps stopping and console shows reset node

I recently found myself in a situation where WSUS would only work for a few minutes or even seconds at a time. A restart or IISReset could bring it back for a few minutes but it would soon stop again. The Configuration manager console didn’t show any errors but it also could not see any new updates.

The event log contained this message:

The WSUS administration console was unable to connect to the WSUS Server via the remote API.

Eventually the fix was to increase the amount of memory avaliable to the app pool from the default 1843200 KB – you could set this to 0 so there is no limit or to a higher sensible limit. After doing this and running an IISRESET the app pool remained running and I was able to syncronize new updates as well as service updates to clients.

To do this open up IIS and click the plus by your servername, then on “Application pools”. Next right click on WsusPool and then left click on “Advanced Settings”, then scroll down and locate the “Private Memory limit (KB)” near the bottom and edit this value to 0 or something higher.

Posted on

Unable to change private key size when generating custom certificate request on windows

It is becoming the norm to use larger private key sizes with certificates and while trying to generate a new request on a windows 2003 box I found my self unable to change the key size at all, it was greyed out.  After a bit of head scratching I noticed all the cryptographic service providers were ticked.

After changing the tick boxes so that only the “RSA,Microsoft Software Key Storage Provider” is ticked the option becomes available and the key size can be customized.

If (like me) you are generating some CSRs to be used on a forefront threat management gateway or similar don’t forget to make the private key exportable so later on you can export it to the TMG server.

Update: This is still true for modern server versions such as 2012 R2 and 2016.