We no longer support this browser. Using a supported browser will provide a better experience.

Please update your browser.

Close browser message

 

Managed File Transfer Services

Our Managed File Transfer platform allows you to exchange files with us effortlessly.

Supported Protocols and Ciphers

The information in this section contains technical details regarding secure connections between J.P. Morgan and our clients. It is designed to be used by technical teams within your organization.

What’s Happening?

All accounts on FTS3, FTS4, and FTS5 affected by the Cipher Deprecation Event should review their accounts and remove any unsupported ciphers as soon as possible to avoid possible service disruption.

Specifically, SSH KEX: diffie-hellman-group14-sha1 is being deprecated.

Timing

Effective Q4 2021: The SSH KEX: diffie-hellman-group14-sha1 will need to be removed. Please see the PowerPoint for reference.

You Should Know

In order to take advantage of these security features and avoid a disruption in service, we recommend you keep all applications in your file transmission infrastructure up to date. Please review the following requirements for the upgraded MFTS platform:

  • All Secure Sockets Layer (SSL) connections to the platform must use a minimum version of Transport Layer Security version 1.2 (TLSv1.2) for communication session encryption. The less secure SSLv3, TLSv1.0 and TLSv1.1 are not supported.
  • Java-based applications must use Java™ Virtual Machine version 1.8 (JVM 1.8) or higher to provide the appropriate level of support for encryption.
  • The following types of ciphers are no longer supported:
  • Blowfish
  • ARCFOUR (ARC4)
  • Cipher Block Chain (CBC) below 256
  • 3DES
  • TLS_RSA
  • The diffie-hellman-group14-sha1 key exchange (KEX) algorithm is no longer supported (as of 9/1/2019).

If your application cannot support one of the applicable ciphers below, you will not be able to properly connect to the MFTS platform. Out of date ciphers will not be migrated to the new data center.

 




Application Compatibility

If your application does not support the available ciphers, or otherwise does not have the required encryption capabilities, then it may be necessary to change its configuration, upgrade it to current version, replace it, or switch to another protocol.

You are strongly encouraged to test your file transfer applications in the MFTS client acceptance testing environment, which is currently configured with the upgraded infrastructure. Please refer to the Testing Instructions page for additional information and testing details.