I noticed some third party updates were not being installed by clients when being deployed as a Software Update from SCCM 2012. SCUP System Center Updates Publisher (SCUP) is being used to push out third party updates to clients.
When checking the compliance for the deployment in the Monitoring node then Deployments, the “Error” tab for the deployment showed “The subject is not trusted for the specified action” with a error code of 0x800B0004.
0x800B0004 error is related to a certificate issue. In my case, the WSUS SCUP certificate had expired on the client computers which meant they would not install Software Updates published from SCUP. Checking MMC on my machine and adding certificate manager, I took a look at the Trusted Publishers and the certificate was there and expired. Once the certificate was updated and Software Update Deployment evaluation policy was run, my SCCM client started to download the third party updates and install them. This also happened on other client workstations once the new certificate was applied.
For more informationr regarding SCUP (System Center Updates Publisher) certificates, take a look at https://technet.microsoft.com/en-us/library/hh134732.aspx