You must ensure your systems are compatible prior to August 14, 2021 when the supported cryptographic settings will be updated in production for Host-to-Host. If your systems are not compatible with supported settings, you will not be able to connect without taking corrective action.
Please test compatibility by connecting and delivering, or retrieving, a test file via our CAT environment, which is currently configured with the target state settings. Instructions may be found in the CAT- Self Test Loop section below.
Upon successful completion of the Self-Test process, please ensure that your production environment configurations match those of your test environment.
The list of supported SSH Ciphers, Key Exchange Algorithms (KEX), and Hash Message Authentication Codes (HMAC) is shown below. Please remove any unsupported algorithms. If you are unable to remove, please assign them a lower priority.
Cryptography Setting | Supported | NOT Supported | |
SSH Cipher |
aes128-ctr aes192-ctr aes256-ctr |
aes256-cbc, aes192-cbc, aes128-cbc, blowfish-cbc, 3des-cbc |
|
Keyed-Hash Message Authentication Code (HMAC) |
hmac-sha2-512 hmac-sha512 hmac-sha256 hmac-sha2-256 |
hmac-sha1 |
|
SSH Key Exchange Algorithms and Public Keys Supported (KEX) |
diffie-hellman-group-exchange-sha256 |
diffie-hellman-group-exchange-sha1 diffie-hellman-group14-sha1 diffie-hellman-group1-sha1 |
If you must renew your certificates or keys in the test environment, please email them to H2H.TestKeyRequests@jpmchase.com and be sure to include your Partner ID.
If you push and pull files to and from Host-to-Host, please use the following instructions:
For Self-Service testing, please connect to the J.P. Morgan Host-to-Host test server to verify connectivity. You may send a digitally signed "junk" text file to verify the process flow using the file naming convention below (case sensitive). If the digital signature is successfully validated, an automated process will trigger an outbound file, using what you originally sent; the file will otherwise not be processed.
1. Create a junk test file and name it <H2H_PartnerID>.TEST.IN.<anything>
Filename is case sensitive.
<H2H_PartnerID> = H2H User ID. This would be the same ID used for Production.
<anything> = any alpha numeric character including dashes, dots or underscore, but no spaces and no use of "&".
2. Sign the file with your test pgp key
3. Connect to Test URL: transmissions-uat.jpmorgan.com
Upon successful authentication you will be able to navigate to your client specific directories. A successful authentication confirms that your test system is compatible with the target list of settings. We still request that you continue with the self-loop testing until completion.
4. Change directory to: /Inbound/Encrypted
5. Place the file in the /Inbound/Encrypted directory
If PGP validation was successful we will copy the file you sent to your /Outbound/Encrypted and update the file name.
6. Change directory to /Outbound/Encrypted
7. If PGP validation was successful will see a file named <H2H_PartnerID>.TEST.OUT.<seq#>.<date/time>
This will be an exact copy of the file you placed in the /Inbound/Encrypted directory.
1. Connect to Test URL: transmissions-uat.jpmorgan.com
Upon successful authentication you will be able to navigate to your client specific directories. A successful authentication confirms that your test system is compatible with the target list of settings. We still request that you continue with the self-test until completion.
2. Change directory to /Outbound/Encrypted
3. Download the file named <H2H_PartnerID>.TEST.OUT.<seq#>.<date/time>
This will be a simple text file that includes information relevant to SSH Cipher Support
If your application does not support the target state settings, or otherwise does not have the required encryption capabilities, then it may be necessary to change its configuration, upgrade it to current version, switch to another protocol or replace it.
Failure to make the necessary changes may result in interruption of service.
Reminder: Upon successful completion of the Self-Test process, please ensure that your production environment configurations match those of your test environment.
If you require additional assistance, please contact the J.P. Morgan Solution Center Transmissions Support team at 978-805-1200. Representatives are available 24 hours a day, Monday through Friday.
All trademarks, trade names and service marks appearing herein are the property of their respective owners.