This section applies only if you created your code signing certificate using an internal CA. Importing the certificate will write the certificate to the WSUS Server and to the appropriate certificate stores on your machine. You do not need to use the import process if you used WSUS to create a code signing certificate, as that certificate was automatically written to the proper locations.
In order to import a certificate you must have a secure (SSL) connection to the WSUS server. This is accomplished in part by enabling the Secure Connection check box in the WSUS Server area of the WSUS Server tab. You must also configure your ISS to use SSL.
To import a certificate:
1.Within the Configuration Manager Software Library workspace, expand the Software Updates > Ivanti Patch folder and click on Updates.
2.On the Configuration Manager Home tab, click Settings.
3.On the Patch for MEM Settings dialog, select the WSUS Server tab.
5.Navigate to the certificate file and click OK.
The certificate file will contain a copy of the private key and will be identified by a .PFX extension.