question

HI @ValentinBeduhn-8569

Configure SSL for downstream WSUS servers
The following instructions configure a downstream server to synchronize to an upstream server that uses SSL.

To synchronize a downstream server to an upstream server that uses SSL
1. Log on to the computer by using a user account that is a member of the local Administrators group or the WSUS Administrators group.
2. Click start, click All Programs, click Administrative Tools, and then click Windows Server Update Service.
3. In the right pane, expand the server name.
4. Click Options, and then click Update Source and Proxy Server.
5. On the Update Source page, select Synchronize from another Windows Server Update Services server.
6. Type the name of the upstream server into the Server name text box. Type the port number that the server uses for SSL connections into the Port number text box.
7. Select the Use SSL when synchronizing update information check box, and then click OK.

Configure SSL on the WSUS server
WSUS requires two ports for SSL: one port that uses HTTPS to send encrypted metadata, and one port that uses HTTP to send updates. When you configure WSUS to use SSL, consider the following:

You cannot configure the whole WSUS website to require SSL because all traffic to the WSUS site would have to be encrypted. WSUS encrypts update metadata only. If a computer attempts to retrieve update files on the HTTPS port, the transfer will fail.

If the Answer is helpful, please click Accept Answer and up-vote, this can be beneficial to other community members.