We no longer support this browser. Using a supported browser will provide a better experience.

Please update your browser.

Close browser message

J.P. Morgan Host-to-Host SSL Support

SSL Certificate Updates

J.P. Morgan Host-to-Host will be replacing the SSL certificates used in production on September 11, 2021.  The new SSL certificates will be available on this page after August 23, 2021.  Please check back after August 23 to download the new production certificates which will be activated in production on September 11.

If you connect via FTPS to transmissions.jpmorgan.com, please download the J.P. Morgan certificate and rename as needed.

J.P. Morgan Host-to-Host certificates and URLs for AS2 and HTTPs Protocols:

  • If you have AS2 server-based file transmissions and both factors below apply to your setup, then you must download and use the appropriate certificate(s) for transport encryption of the communications session:
    • You are configured to use "strict host checking", and
    • Your system is connecting to one of the URLs listed below
  • Irrespective of the host connection address in use, all AS2 clients, including AS2 clients who only receive files from J.P. Morgan, must download and use the transmissions.jpmorgan.com server certificate for payload signature validation.
  • If you have HTTPS server-based file transmissions and both factors below apply to your setup, then you must download and use the appropriate certificate(s):
    • You are using SSL client-side authentication (two-way SSL authentication),  and
    • Your system is connecting to one of the URLs listed below
  • If you exchange files with Host-to-Host node ECGPRODP by NDM via IBM® Sterling Connect:Direct® with Secure+®, then you must download and use the appropriate certificate.

As of September 26, 2020, please use the applicable certificate for connections to node ECGPRODP by NDM via IBM® Sterling Connect:Direct® with Secure+®:

As of October 3, 2020, please use the applicable certificate for AS2 and HTTPS protocols:

IMPORTANT: You must download and install the new Entrust CA Root and Intermediate certificates as well as the applicable J.P. Morgan SSL certificate. The certificate links above are chained with the new Entrust CA Root and Intermediate. For your convenience the new Entrust CA Root and Intermediate certificates are provided separately below.

 

Host-to-Host Supported SSL Ciphers

The following ciphers are supported for internet-based connections via applications that use:

 FTPS

  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_DHE_DSS_WITH_AES_256_GCM_SHA384
  • TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_DHE_DSS_WITH_AES_128_GCM_SHA256
  • TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_RSA_WITH_AES_256_CBC_SHA256
  • TLS_RSA_WITH_AES_128_CBC_SHA256
  • TLS_RSA_WITH_AES_256_GCM_SHA384
  • TLS_RSA_WITH_AES_128_GCM_SHA256

AS2 and HTTPS

  • TLS_RSA_WITH_AES_128_CBC_SHA256
  • TLS_RSA_WITH_AES_256_CBC_SHA256
  • TLS_RSA_WITH_AES_256_GCM_SHA384
  • TLS_RSA_WITH_AES_128_GCM_SHA256

If your application does not support the available ciphers, or otherwise does not have the required encryption capabilities, then it may be necessary to change its configuration, upgrade it to current version, replace it or switch to another protocol.

 

Application Compatibility

Client software applications that are known to connect successfully to Host-to-Host are shown below. Note that this list may change over time, and that it is best practice to use only supported current versions of third-party applications. The use and functionality of third-party software is not controlled by J.P. Morgan and is subject to change without notice. J.P. Morgan does not recommend or endorse any of the third-party software and makes no representation, explicit or implied, as to the functionality, quality or suitability of any third party software referenced below.

FTPS

  • Axway Secure Client 5.8, 6.0, 6.1
  • Curl 7.22
  • FileZilla Client 3.10.x
  • CuteFTP Professional 9.x
  • Ipswitch WS_FTP 12.x
  • Igloo FTP PRO 3.9
  • LFTP 4.6.1
  • SmartFTP Client 3.0-6.0

AS2

  • Drummond Certified AS2 Clients

 

Support

Contact the Solution Center Transmissions Support team at 978-805-1200, or by emailing CAS.helpdesk@jpmchase.com, with any questions about the J.P. Morgan Host-to-Host platform. Representatives are available to assist you, 24 hours a day, Monday through Friday. Government, municipal and public sector clients should call 844-718-0643. Please note that the support team cannot advise clients on specific actions needed to make the required system changes. Clients should contact the application vendors for this information.

 

All trademarks, trade names and service marks appearing herein are the property of their respective owners.