Manual Signatures

Using Manual Signatures (also known as External Signatures) allows separating the privilege of Windows Server Update Services (WSUS) administration from the privilege to mark a package as trusted for deployment. With automatic signatures (typically, but not always, using a self-signed certificate), the WSUS administrator has full access to a digital certificate and private key that is trusted by all the machines within the organization. With Manual signatures, WSUS, and thus the WSUS administrator, does not require access to the private key.

The following sections describe how to process a manual signature:

•

Enable Manual Signatures

•

Deploy the Agent for a Manual Signature

•

Deploy a Patch Package for a Manual Signature

•

Manual Signature Notifications

Software Vulnerability Research Documentation

Help Library

Release Notes