I was trying to update my FTD from 7.0.4 to 7.2.5 and the upgrade was always failing with a Java error at about 38% and then reverting back.
Eventually I discovered that the webserver certificate was expired. Trying to replace the certificate with a CA signed certificate is failing with "SSP server unavailable" error.
Here is what I have done to fix this. These steps worked for me in both in 7.0.4 and 7.2.4. You can't replace the webserver certificate with a CA signed certificate but you can replace it with a self signed certificate on the firepower itself.
1. ssh to your firepower (with FDM)
2. go to expert mode
3. sudo su
4. cd /etc/ssl
5. Generate - CSR request
openssl req -new -newkey rsa:2048 -nodes -keyout private.key -out firepower.csr
6. Sign the "self signed" certificate
openssl x509 -req -days 825 -in firepower.csr -signkey private.key -out server.pem
7. Replace the certificate and private key in DefaultWebserverCertificate (firepower/Objects/Certificate in FDM) with the private.key and server.pem generated above. Run these on your firepower and copy the output: cat /etc/ssl/private.key respectively, cat /etc/ssl/server.pem
8. restart the device. After this the upgrade will work.
I am importing several objects to FTD 1120 - 6.6.1-91 via API Call and I am getting this error:
"statusMessage": "Configuration import failed at step of 'import objects'. Configuration import failed - SSP Server Unavailable\nSSP Server Unavailable",