No, I'm afraid that I've not seen this error myself.
I'd suggest that raising a ticket with technical support is the best route forward.
You must have one SSL Rule in the policy to upgrade. Create an SSL Rule and leave it disabled, it doesn't matter what it says of course. Then you should be able to upgrade.
Thank you it worked!
You're welcome. It's a benefit of having Bugzilla access.
The problem with this error is it should obviously be more specific. The 'NoneType' there should say 'SSL Rules' in my opinion. Then you get an error saying "Object 'SSL Rules' has no attribute 'items'". Then you could say to yourself "Oh maybe we need one SSL Rule since I don't see any in my policy" and can make that change and see if it works. I know we are aware of the...unhelpfulness of the error messages and we're working on improving them.
Get 8.2.1 installed (and keep installing the major patches as they come out!) and you should be good to go.
Can you elaborate on what the cause of the problem actually was?
I've read through this thread and can't quite work out if it is actually as simple as being the case that if you have an 8.2.0 installation which does not have an SSL Rule (and I assume this means SSL rule and not an ACL using the SSL service) you can't upgrade it to 8.2.1?
Would this suggest that the "Exempt All" SSL rule had been removed in this case? - I've checked through a number of customer systems (some new version 8 installations and a couple of systems which had been upgraded from v7) and they all have the "Exempt All" SSL rule in place.
Our Control Center is not applying the "Exempt All" rule to the firewall even though it is set to be applied on "ALL FIREWALLS". Not sure if this is also a bug but that's the reason there were no SSL rules.
Yes, you simply need on SSL Rule in the policy. The upgrade tries to 'use' an SSL Rule in the code and if one's not there it's borks out. It should check IF something is there before trying to use it, let's say.
What version of CC?
What version of firewall is this?
I can test this out.
The SSL rule is absent in our firewalls with versions:
- 8.1.2P01 with 8.1.2CC5210103