I have a handful of PC's not joined to our domain. These are Kiosk machines running Provisio's SiteKiosk software for people to be able to come into our building and browse the internet. They are very locked down terminals but we still want to keep windows, adobe acrobat and flash updated.
In the local computer group policy of the machine we configured Windows Update to use our WSUS server and we have the client side targeting set. We imported our domain root certificate and in IE we can browse to our https://wsus server and not receive any certificate errors. It seems Microsoft updates do install but the hang up is the Adobe updates. We need to read PDF's from our website and small portions of flash content, but these two highly sought after applications are always prone to issues so we want to keep them up to date.
I found this when investigating some bandwidth issues between remote sites. Narrowed down the heavy usage to these kiosk machines constantly trying to download these updates from our WSUS server. IN WindowsUpdate.log I see this:
Validating signature for C:\Windows\SoftwareDistribution\Download\24baee1d295f092d9cdbce885ea27ee0\AdbeRdrUpd11016_MUI.cab with dwProvFlags 0x00000080:
2016-10-04 09:54:24:204 472 14b0 Misc FATAL: Error: 0x800b0109 when verifying trust for C:\Windows\SoftwareDistribution\Download\24baee1d295f092d9cdbce885ea27ee0\AdbeRdrUpd11016_MUI.cab
2016-10-04 09:54:24:204 472 14b0 Misc WARNING: Digital Signatures on file C:\Windows\SoftwareDistribution\Download\24baee1d295f092d9cdbce885ea27ee0\AdbeRdrUpd11016_MUI.cab are not trusted: Error 0x800b0109
2016-10-04 09:54:24:219 472 14b0 DnldMgr WARNING: File failed postprocessing, error = 800b0109
How can we resolve this issue?
