Allow MSI Source locations to use DP's configured for HTTPS
I recently ran into an issue with an MSI that we have deployed which required access to its installation source during a patching operation, and discovered these two problems. We worked around the issue by pinning the content in the ccmcache.
On the application deployment properties, SCCM can automatically update the source location windows installer uses for a detected MSI product code. However, it appears that windows installer is unable to use https source locations, only http.
Another issue I have seen is that the windows installer source list gets appended (not replaced). As a client roams between content boundaries, it accumulates various DP's source locations. If windows installer requires the source location (say during a repair operation), it could potentially fetch content from a sub-optimal location.
Apparently the product team has made this official and not going to support this feature via HTTPS. https://support.microsoft.com/en-us/help/2905510/windows-installer-source-list-not-update-with-https-distribution-point
This is absolutely not great for people who was encouraged to use HTTPS and this feature is unavailable.
Scott Erickson commented
This needs to get fixed. For HTTPS only environments the MSI Source feature is totally broken.