I made some progress on this, though it has created new issues.
Just to paint the picture fully, where I started was with upgrading firmware on my CC and all my firewalls to newest version: 8.0.1-0383. This was coming from firewalls mostly on 7.1 with one of them on 7.2, and with CC on 7.0. I am 100% sure this is done on my firewalls. I *think* its done on my CC, I know that if I login to CC firewall it states 8.0.1-0383 as its firmware version. Our CC is deployed as a Hyper-V VM, in case that matters.
My initial issue with having 'nothing to migrate' did appear to be CC related. After I upgraded its firmware, I was given the option to migrate my cluster from 7.0 to 7.1, which I did. After that was successfully done, I was given the option to migrate the cluster from 7.1 to 7.2, which again I did. At this point you'd assume I'd have the option to go to 8.0 on the cluster, but I do not.
I also have a new problem. When editing firewall rules in CC for one of my managed firewalls, I get a notice stating: Ruleset has feature level 7.2. Firmware version is 7.0.2-094. Some features of this ruleset may be disabled.
That seems to be a patently incorrect statement. Firmware version 100% is 8.0.1-0383 at this point, verified multiple times. If I go under Settings -> Setup in firewall rules, it does indicate feature level is at 7.2, so that much seems right.
The only thing I can figure is that I've somehow upgraded the CC to 8.0.1 but it's still treating the firewalls as if they're on a version 7 release. I can't find any setting for anything like that.
Need to update this. I ran Firewall Admin on a different workstation and stopped getting the ruleset error...that seems to be a computer specific problem and not an issue in the CC or the firewalls at this point. Firewall Admin on the other workstation also gives me the option to bump my cluster to 8.0 if I choose to, so there's definitely an issue with that particular workstation. I don't care enough about that issue to really pursue it further.
On a positive note, I do have the certificate store and ssl inspection options, which is what I started this process for in the first place. I have not decided if I'm going to go ahead and bump my cluster to 8.0 yet or not, but the goal getting access to SSL inspection and certificate store has been achieved, so I consider this issue solved and closed.Go to the full post