We have passed the deadline for changes to be made in support of the data center migration. If you lose your connection and/or services due to this migration, finish your transition now by implementing the required changes to your Production environment. You will continue to experience connectivity failures until your updates have not been made.

Please contact us with questions or concerns, bookmark this page and check back often for updates.

Updated on September 26, 2024

New Data Center for SSL Protocols

As part of your migration to our new Data Centers it is important to confirm that your systems are compatible with the new cryptography settings and can successfully connect to our new servers. You can validate your connection by performing a self-test using the instructions provided on the New Data Center Client Acceptance Testing page by using your assigned URL below.

Your current security credentials have been installed in the new environment, but there may be some scenarios where you will need to provide new production keys or certificates. Unless you are configured to use strict host checking the primary J.P. Morgan Host to Host keys and certificates will remain the same. If you are configured to use strict host checking, then you will also need to download and use the appropriate certificate for your assigned URL.

Depending on your firewall configuration, changes may be required. The new IPs for connections you initiate are listed below. It is recommended that you open the J.P. Morgan owned IP range of 198.36.0.0/22. If you receive files automatically pushed to you, those IP ranges will also be changing. Please allow the following IP range to continue receiving files pushed to you: 146.143.0.0/16.

Full end to end testing should not be required as only the front-end servers are changing. The list of steps needed to ensure compatibility with the new Data Centers can be found here: Data Center Migration Checklist.

All Production file transmissions must utilize the new Data Center by August 31, 2024 or risk disruption in service.

Production URLs

All FTPS connections will utilize the Primary URL. AS2 and HTTPs connections could potentially use one of our other URLs. If you are unsure which URL you should be using, please contact our support team.

It is recommended that you open the J.P. Morgan owned IP range of 198.36.0.0/22.

URL IP Address 1 IP Address 2 Port
SFTP/FTPS/AS2/HTTPS      
transmissions.jpmorgan.com(Primary) 198.36.3.140 198.36.2.140 21,22,443
FTPS: port 21 with 9000-9300 for passive
AS2/HTTPS      
transmissions1.jpmorgan.com 198.36.3.141 198.36.2.141 443
transmissions2.jpmorgan.com 198.36.3.142 198.36.2.142 443
transmissions3.jpmorgan.com 198.36.3.143 198.36.2.143 443
transmissions4.jpmorgan.com 198.36.3.144 198.36.2.144 443
transmissions5.jpmorgan.com 198.36.3.145 198.36.2.145 443
transmissions6.jpmorgan.com 198.36.3.146 198.36.2.146 443
transmissions7.jpmorgan.com 198.36.3.147 198.36.2.147 443
transmissions8.jpmorgan.com 198.36.3.148 198.36.2.148 443

FTPS Protocols:

If you connect via FTPS to transmissions.jpmorgan.com, please download the J.P. Morgan certificate and rename as needed.

The serial number for the current certificate that expires February 16, 2025 is: ‎33 21 7f f8 2f a4 b8 5f 4a 8c d5 a0 60 e3 26 01

AS2 and HTTPs Protocols

  • If you have AS2 server-based file transmissions and both factors below apply to your setup, then you must download and use the appropriate certificate(s) for transport encryption of the communications session:

    • You are configured to use "strict host checking",and
    • Your system is connecting to one of the URLs listed below
  • Irrespective of the host connection address in use, all AS2 clients, including AS2 clients who only receive files from J.P. Morgan, must download and use the transmissions.jpmorgan.com server certificate for payload signature validation.
  • If you have HTTPS server-based file transmissions and both factors below apply to your setup, then you must download and use the appropriate certificate(s):

    • You are using SSL client-side authentication (two-way SSL authentication), and
    • Your system is connecting to one of the URLs listed below
  • If you exchange files with Host-to-Host node ECGPRODP by NDM via IBM® Sterling Connect:Direct® with Secure+®, then you must download and use the appropriate certificate.

Be sure to use the applicable certificate for connections to node ECGPRODP by NDM via IBM® Sterling Connect:Direct® with Secure+®. The current certificates are available for download below.

For AS2 and HTTPS protocols, use:

IMPORTANT: If you must download and install the Entrust CA Root and Intermediate certificates separately, you will find them provided below. The certificate links above are chained with the same Entrust CA Root and Intermediates.

Supported SSL Ciphers

Only the following ciphers are supported for internet-based connections via applications that use:

  • File Transport Protocol Secure (FTPS)
  • Applicability Statement 2 (AS2)
  • Hypertext Transfer Protocol Secure (HTTPS)

View Supported SSL Ciphers

  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

Client software applications that are known to connect successfully to Host-to-Host are shown below. Note that this list may change over time, and that it is best practice to use only supported current versions of third-party applications. The use and functionality of third-party software is not controlled by J.P. Morgan and is subject to change without notice. J.P. Morgan does not recommend or endorse any of the third-party software and makes no representation, explicit or implied, as to the functionality, quality or suitability of any third-party software referenced below.

View Applications

  • FTPS (No longer supported for new setups)

    • Axway Secure Client 5.8, 6.0, 6.1
    • Curl 7.22
    • FileZilla Client 3.10.x
    • CuteFTP Professional 9.x
    • Ipswitch WS_FTP 12.x
    • Igloo FTP PRO 3.9
    • LFTP 4.6.1
    • SmartFTP Client 3.0-6.0
  • AS2

    • Drummond Certified AS2 Clients