The recent Microsoft patch for WSUS (KB2734608) updated WSUS to generate 2048-bit publishing certificates instead of the previously non-secure 512-bit certificates. Microsoft released this patch to prepare WSUS for a forthcoming Microsoft update that will block all RSA-based certificates that have a key length of 1024 bits or less.
To ensure the most seamless transition possible in your publishing environment, SolarWinds recommends you regenerate all of your WSUS publishing certificates after you apply KB2734608. Due to the relationship these certificates have with your previously-published packages and all of your client systems, the general procedure for this process is:
Note: For additional details about these procedures, see "Configuring Publishing Servers" in the Patch Manager Administrator Guide. However, it is important that you do not simply distribute the existing WSUS signing certificate to your publishing servers. Rather, generate a new publishing certificate as described in the following procedure.
To generate new publishing certificates in your Patch Manager publishing environment: