Hi!

I'm not sure if this is a bug, if it's wrongly posted I apologise.

I've "downgraded" back to FlashFXP 2.1 build 924 and to my surprise... It worked great!

So, Is it new security implemented or?


Reference to a earlier post : http://forum.flashfxp.com/showthread.php?s=&threadid=4713

This isn't a bug but a feature :D. The other clients (including previous flashfxp versions) do not check the certicate, while that is pretty essential for a safe transfer. So i would say install the same certicate on all servers and everything will work as it should.

This was a security vulnerability in v2.1. By not checking the fingerprint on the data channel it's possible for a middle man attack.

This issue was addressed in v3.0, If the finger print on the data channel does not match the control connection we reject the connection and display a warning.

For the sake of security and peace of mind of the user we decided to enforce this rule. Currently this cannot be disabled.