MRA login over Expressway-E is failing

yare
Level 1

I set up an Expressway C and E. I am trying to log in to MRA over Expressway E and C but am receiving this message from

Collaboration Solutions Analyzer, SRV Checker
 
MRA login over Expressway-E xx.xxx.xxx.xxx will fail because neither the top level domain xxxxx.co.uk nor the subdomain collab-edge.xxxxx.co.uk is found in the SSL certificate SAN field.
Action plan
Create an SSL certificate with either the top level domain xxxxxx.co.uk or the subdomain collab-edge.xxxxxx.co.uk in the SAN field and upload it to the Expressway-E xx.xxx.xxx.xxx.
 

 

2 Accepted Solutions


Still facing same login issue, even tried to apply 

xConfiguration EdgeConfigServer VerifyOriginServer: Off


Actually, it was the firewall blocking xmpp-client port 5222


36 Replies

So what is your actual issue? It’s pretty clear in the output of the test with CSA what is at fault. Have you updated your certificate to include what is listed as needed in the output from CSA?





The actual issue is that I cannot log in to MRA Jabber. This is the error message that I am receiving: 'Cannot communicate with the server. Reset Cisco Jabber to continue.'

My Expressway E certificate is signed by an internal Windows CA. When I generated the CSR from Expressway E, the Subject name was set to expe1.xxxxx.xo.uk. However, I am not sure where or how to edit the SAN field and add additional subject names

 

You do it on the E where you create the CSR. Using an internal CA is not recommended for the E.





I think the fields on the CSR generation page in Expressway are very clear about that (screenshot: Unbenannt.PNG).

Recommended reading lecture for a rainy day: Expressway administration guide or certification guide.

Many thanks, gents. I will try to edit the CSR and generate a new certificate for Expressway E and see if that resolves the issue. I will update you later.

The certificate issue is resolved but I still cannot log in to MRA: "Cannot communicate with the server"

I can see a different error message on CSA under user login tab "Failed to retrieve user's home cluster."


 

2 questions. #1: have you defined the CM(s) in the C? #2: does the user that you try to log in with have home cluster set on the end user object?





Yes, the user that I am trying to log in with has:

Home Cluster

Secondly, CUCM cluster addresses are defined on the Expressway C under Configuration > Unified Communications > Unified CM Servers

Are these users able to use Jabber internally? Did this work?

Second, refresh the CUCM nodes from Expressway C.





The user can log in locally but is still getting the MRA communication error to the server.

A quick question: on the Expressway C, do I need to add only the publisher, or both the publisher and subscriber, as CM servers?

Subscribers are added automatically.
Do you also have IM&P? If yes, you also need to add the IM&P-Pub in EXP-C. And furthermore, you need to open the port 5222 in the FW as also shown in the screenshot you provided.

yare
Level 1

2023-05-11T14:46:27.883+01:00

traffic_server[7237]: Event="Request Allowed" Detail="Access allowed" Reason="In allow list" Username="jsmith" Deployment="1" Method="POST" Request="https://imp.xxxxx.co.uk:8443/EPASSoap/service/v80" Rule="https://imp.xxxxxx.co.uk:8443/EPASSoap/service/v80" Match="exact" Type="Automatically generated rule for CUPS server" UTCTime="2023-05-11 13:46:27,883"

2023-05-11T14:46:27.795+01:00

traffic_server[7237]: Event="Request Allowed" Detail="Access allowed" Reason="In allow list" Username="jsmith" Deployment="1" Method="POST" Request="https://imp.xxxxx.co.uk:8443/EPASSoap/service/v80" Rule="https://imp.xxxxxx.co.uk:8443/EPASSoap/service/v80" Match="exact" Type="Automatically generated rule for CUPS server" UTCTime="2023-05-11 13:46:27,795"

2023-05-11T14:46:27.684+01:00

traffic_server[7237]: Event="Request Allowed" Detail="Access allowed" Reason="In allow list" Username="jsmith" Deployment="1" Method="GET" Request="https://cucmsub01.xxxxx.co.uk:8443/cucm-uds/version" Rule="https://cucmsub01.xxxxx.co.uk:8443/cucm-uds/version" Match="exact" Type="Automatically generated rule for CUCM server" UTCTime="2023-05-11 13:46:27,684"

2023-05-11T14:46:27.631+01:00

traffic_server[7237]: Event="Request Allowed" Detail="Access allowed" Reason="In allow list" Username="jsmith" Deployment="1" Method="GET" Request="https://cucmpub.xxxxx.co.uk:8443/cucm-uds/version" Rule="https://cucmpub.xxxxxx.co.uk:8443/cucm-uds/version" Match="exact" Type="Automatically generated rule for CUCM server" UTCTime="2023-05-11 13:46:27,631"


@yare wrote:

2023-05-11T14:46:27.883+01:00

traffic_server[7237]: Event="Request Allowed" Detail="Access allowed" Reason="In allow list" Username="jsmith" Deployment="1" Method="POST" Request="https://imp.xxxxx.co.uk:8443/EPASSoap/service/v80" Rule="https://imp.xxxxxx.co.uk:8443/EPASSoap/service/v80" Match="exact" Type="Automatically generated rule for CUPS server" UTCTime="2023-05-11 13:46:27,883"

2023-05-11T14:46:27.795+01:00

traffic_server[7237]: Event="Request Allowed" Detail="Access allowed" Reason="In allow list" Username="jsmith" Deployment="1" Method="POST" Request="https://imp.xxxxx.co.uk:8443/EPASSoap/service/v80" Rule="https://imp.xxxxxx.co.uk:8443/EPASSoap/service/v80" Match="exact" Type="Automatically generated rule for CUPS server" UTCTime="2023-05-11 13:46:27,795"

2023-05-11T14:46:27.684+01:00

traffic_server[7237]: Event="Request Allowed" Detail="Access allowed" Reason="In allow list" Username="jsmith" Deployment="1" Method="GET" Request="https://cucmsub01.xxxxx.co.uk:8443/cucm-uds/version" Rule="https://cucmsub01.xxxxx.co.uk:8443/cucm-uds/version" Match="exact" Type="Automatically generated rule for CUCM server" UTCTime="2023-05-11 13:46:27,684"

2023-05-11T14:46:27.631+01:00

traffic_server[7237]: Event="Request Allowed" Detail="Access allowed" Reason="In allow list" Username="jsmith" Deployment="1" Method="GET" Request="https://cucmpub.xxxxx.co.uk:8443/cucm-uds/version" Rule="https://cucmpub.xxxxxx.co.uk:8443/cucm-uds/version" Match="exact" Type="Automatically generated rule for CUCM server" UTCTime="2023-05-11 13:46:27,631"


Not sure what your intent is with your last post. Can you please elaborate?





yare
Level 1

I meant to show that Expressway C is communicating with IM&P and CUCM and authenticating the MRA user.

I re-added the CUCM publisher/subscriber and IMP servers into the Expressway C. However, the login issue is still the same error message.
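
Added example, not part of the original thread: a Python sketch that parses traffic_server events of the form posted above and lists which back-end hosts and ports the allowed requests actually reached. The sample lines are constructed with placeholder host names, and the `required` port list (8443 and 5222, the two ports named in this thread) is an assumption; the posted events are all HTTPS requests on 8443, so they say nothing about whether XMPP on 5222 gets through.

```python
import re
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample in the format of the events posted in this thread
# (host names are placeholders, not the poster's real servers).
SAMPLE = '''\
traffic_server[7237]: Event="Request Allowed" Detail="Access allowed" Reason="In allow list" Username="jsmith" Deployment="1" Method="POST" Request="https://imp.example.co.uk:8443/EPASSoap/service/v80" Rule="https://imp.example.co.uk:8443/EPASSoap/service/v80" Match="exact" Type="Automatically generated rule for CUPS server" UTCTime="2023-05-11 13:46:27,883"
traffic_server[7237]: Event="Request Allowed" Detail="Access allowed" Reason="In allow list" Username="jsmith" Deployment="1" Method="POST" Request="https://imp.example.co.uk:8443/EPASSoap/service/v80" Rule="https://imp.example.co.uk:8443/EPASSoap/service/v80" Match="exact" Type="Automatically generated rule for CUPS server" UTCTime="2023-05-11 13:46:27,795"
traffic_server[7237]: Event="Request Allowed" Detail="Access allowed" Reason="In allow list" Username="jsmith" Deployment="1" Method="GET" Request="https://cucmsub01.example.co.uk:8443/cucm-uds/version" Rule="https://cucmsub01.example.co.uk:8443/cucm-uds/version" Match="exact" Type="Automatically generated rule for CUCM server" UTCTime="2023-05-11 13:46:27,684"
traffic_server[7237]: Event="Request Allowed" Detail="Access allowed" Reason="In allow list" Username="jsmith" Deployment="1" Method="GET" Request="https://cucmpub.example.co.uk:8443/cucm-uds/version" Rule="https://cucmpub.example.co.uk:8443/cucm-uds/version" Match="exact" Type="Automatically generated rule for CUCM server" UTCTime="2023-05-11 13:46:27,631"
'''

# Every field in these events is written as Key="value".
FIELD = re.compile(r'(\w+)="([^"]*)"')


def parse_event(line):
    """Return the Key="value" fields of one traffic_server event as a dict."""
    return dict(FIELD.findall(line))


def summarize(log_text):
    """Count allowed requests per (scheme, host, port, server type)."""
    seen = Counter()
    for line in log_text.splitlines():
        ev = parse_event(line)
        if ev.get("Event") != "Request Allowed" or "Request" not in ev:
            continue
        url = urlsplit(ev["Request"])
        port = url.port or (443 if url.scheme == "https" else 80)
        kind = ev.get("Type", "").rsplit(" for ", 1)[-1]  # e.g. "CUCM server"
        seen[(url.scheme, url.hostname, port, kind)] += 1
    return seen


def unproven_ports(summary, required=(8443, 5222)):
    """Ports from `required` (assumed list) that no logged request touched."""
    hit = {port for (_, _, port, _) in summary}
    return [p for p in required if p not in hit]


if __name__ == "__main__":
    summary = summarize(SAMPLE)
    for (scheme, host, port, kind), n in sorted(summary.items()):
        print(f"{n}x {scheme} {host}:{port} ({kind})")
    print("no evidence in these events for ports:", unproven_ports(summary))
```

Run on the sample, the summary shows HTTPS to the CUCM and IM&P nodes on 8443 only, and 5222 is reported as unproven, which is why connectivity for that port has to be checked separately at the firewall.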