unable to add CUP IMP to Expressway Core - AXL query HTTP error 500

Mohammadreza Hadi · ‎09-11-2025

Hi dear Friends,

i have an issue with "expressway core"
which is when i want to add "CUP IM and Presence" into "Expressway Core"
it shows me this error:
Failed: Unable to communicate with imp-pub.example.com. AXL query HTTP error "HTTP Error:500"

CUCM version >> 15 su3
CUP version >> 15 su3
Expressway Core version >> 15.0.3

we use internal CA to sign cert for expressway core,
and i added CA-Root into "Call-manager-trust" & "Tomcat-trust" of CUCM..

also we add an application user with role of "Super User" on CUCM
which has "AXL API Access"..

and also, on expressway core, through CLI with admin user,
i entered this command:
xConfiguration EdgeConfigServer VerifyOriginServer: OFF

but issue still exist..

is anybody knows how can i fix this ?..

(Rate by "Helpful" or "Accept") (محمدرضا هادی_ایران) (Email: morez.hadi@gmail.com)

Leonardo Santana · ‎09-11-2025

Hi,

IMP Server health is good?

Do you have network connectivity? All the necessary ports are open?

There is any AXL related service not running at IMP or CUCM?

Try to check this link bellow, there is a bug with this error:

IM&P Server Not Added and Errors Encountered

When you add an IM&P Server, Expressway-C reports "This server is not an IM and Presence Server" or "Unable to communicate with .AXL query HTTP error ''HTTPError:500'", which results in the IM&P Server to not be added.

As part of the addition of an IM&P server, Expressway-C uses an AXL query to look for the IM&P certificates in an explicit directory. Due to Cisco bug ID CSCul05131, the certificates are not in that store; therefore, you encounter the false error.

https://www.cisco.com/c/en/us/support/docs/unified-communications/expressway/118798-technote-cucm-00.html

At last if you have a valid support contract with Cisco open a case at TAC.

Regards
Leonardo Santana

*** Rate All Helpful Responses***

Mohammadreza Hadi · ‎09-12-2025

Hi dear @Leonardo Santana
thanks for your attention ^-^

IMP Health is good.. (when i run "Troubleshooter", all is Green & OK)
there is no port block issue.. (all servers are in same Vlan/Subnet)
AXL service is running & OK.. (i even restarted it once or twice..)

i checked this bug >> CSCul05131
but certificates are exist in trusted store & no problems..

(Rate by "Helpful" or "Accept") (محمدرضا هادی_ایران) (Email: morez.hadi@gmail.com)

s-dubinin · ‎09-23-2025

check PTR-record for IMP node. You must have this record.

Mohammadreza Hadi · ‎09-25-2025

PTR-Record for IMP is exist & it's OK..

(Rate by "Helpful" or "Accept") (محمدرضا هادی_ایران) (Email: morez.hadi@gmail.com)

Nithin Eluvathingal · ‎09-13-2025

I would consider upgrading the xpressway to a higher version, but not to 15.3.0, as it has a BUG https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwq91005 where the GUI does not display the dual NIC.
Or, open a TAC.

xConfiguration EdgeConfigServer VerifyOriginServer: Off
This is a short-term solution for Cisco bug ID CSCwc69661 or Cisco bug ID CSCwa25108.

Mohammadreza Hadi · ‎09-25-2025

thanks dear @Nithin Eluvathingal for your attention ^-^

i upgrade it to 15.0.3
but issue is still exist..

after many attempt on customer site,
i decided to install CUCM + IMP in my Home-Personal-ESX-Host-Server..
based on exactly customer IP Address & DNS Domain & Etc..

then i did backup servers with VeeamBackup Solution
& restore them on customer ESX Host Server..

after login to them, i saw that everything is OK & Fine..
i do refresh IMP Node on EXP-C & even Remove it, then Add it Again & all was Good..

i think maybe there is an issue with .iso file of CUP SU3..
maybe during installation, something goes wrong & cause this issue..

(Rate by "Helpful" or "Accept") (محمدرضا هادی_ایران) (Email: morez.hadi@gmail.com)

Nithin Eluvathingal · ‎09-28-2025

That's quite odd.

Mohammadreza Hadi · ‎09-28-2025

yes, it is -_-

even another of my colleague, in other co-partner company,
report this issue..

he said on his cutomer site, faced this issue..
and near 4 times he installed CUCM + CUP + EXP.. and everytime he add IMP on EXP-C.. he faced this error AXL Query 500..

i suggested him to install servers on another structure, and backup them with Veeam.. and then restore VMs on customer site..

currently i did not find any technical solution fix for this issue..

(Rate by "Helpful" or "Accept") (محمدرضا هادی_ایران) (Email: morez.hadi@gmail.com)

s-dubinin · ‎10-15-2025

The workaround from here helped me

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCur25679

1. Create a remote account on the IM&P Publisher node of the problem cluster

2. Regenerate an XCP secret on the Publisher 10.5.2 TT problem cluster:

/usr/local/thirdparty/java/j2sdk/bin/java -classpath /usr/local/platform/jar/CCMEncryption.jar:/usr/local/cm/jar/log4j-1.2.8.jar com.cisco.ccm.security.EncryptString abcdefghijk encrypt.txt

3. Update the value of the XCP secret in the database on problem cluster:
idblj -e "update epassyncagentcfg set xcpsecret='<value_returned_in_step_1>'"

4. Restart all servers in the problem cluster.

5. Validate that after the cluster has restarted XCP Config Manger has started.

6. Force any clusters that have Inter-cluster peering configured with problem cluster as follows:

On the publisher:
- restart Cisco Intercluster Sync Agent
- restart Cisco XCP Config Manager
- restart Cisco XCP Router
then on the subscriber(s)
- restart Cisco XCP Config Manager
- restart Cisco XCP Router