SSL certificates


ugh
10-02-2004, 10:49 AM
Certificates should be checked every time you log on to an ftp - the certificate might have expired, or the dns name / ip address of the ftp can have changed. Also, the SSL tab should have a "View certificate" button (in addition to "Reset certificate").

Hetfield
10-02-2004, 11:17 AM
The certificate *is* checked every time you log in. If the certificate is changed FlashFXP will pop up with a new certificate. If you mean that FlashFXP has to check the certificate for its validity then you have a problem: only you can decide whether or not the certificate is valid. That's why there is a pop-up. As for the "view certificate", I think you have a point there.

ugh
10-16-2004, 04:24 PM
The certificate is only checked against the 16-byte hash (or whatever) that is stored in sites.dat. The certificate cannot be reconstructed from these 16 bytes, which is, I guess, the reason why there is no View Certificate button. It is probably also why when a certificate is accepted for a site, it is always automatically accepted, regardless of whether or not the certificate data matches the server. That is, if the ip/dns it is currently using is the same as when you accepted the certificate the first time. You can try this yourself by adding a couple of entries in your hosts file, so several host names match the same ip, and then connect to the different host names for the same ftp server (by changing the ip address in your site manager). And no, there is no warning for expired certificates. If it has been accepted and stored, you will never see a warning again.

bigstar
10-16-2004, 04:54 PM
I must have missed this thread the first time it was posted.

Once the cert has been accepted no further validation is performed on the cert details. We only compare the cert hash with the stored hash to determine if the cert has changed; if the cert has changed you will be prompted to accept it again.

Currently we do not store the cert details.

biophon
10-18-2004, 02:27 AM
Will you consider storing the details in a later version? And doing a better check perhaps?
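
Added example, not part of the thread and not FlashFXP's code: a sketch contrasting the hash-only comparison described above with a per-login check that also looks at expiry and host name. The `Cert` class, the site store, the SHA-256 fingerprint and all sample values are assumptions constructed for illustration.

```python
import hashlib
from dataclasses import dataclass
from datetime import datetime, timezone

@dataclass(frozen=True)
class Cert:                      # constructed stand-in for a parsed server certificate
    der: bytes                   # raw certificate bytes as sent by the server
    names: tuple                 # DNS names the certificate was issued for
    not_after: datetime          # end of the validity period

def fingerprint(cert):
    # SHA-256 is an assumption; the thread only mentions "a 16-byte hash (or whatever)".
    return hashlib.sha256(cert.der).hexdigest()

def name_matches(pattern, host):
    pattern, host = pattern.lower(), host.lower()
    if pattern.startswith("*."):
        # A wildcard covers exactly one left-most label.
        return "." in host and host.split(".", 1)[1] == pattern[2:]
    return pattern == host

def hash_only_check(store, site, cert):
    """Behaviour described in the thread: prompt only when the hash differs."""
    return [] if store.get(site) == fingerprint(cert) else ["certificate changed"]

def full_check(store, site, host, cert, now):
    """Hash comparison plus expiry and host name checks on every login."""
    problems = hash_only_check(store, site, cert)
    if now > cert.not_after:
        problems.append("certificate expired")
    if not any(name_matches(n, host) for n in cert.names):
        problems.append("host name mismatch")
    return problems

# Constructed sample data: a certificate accepted earlier, now expired,
# presented while connecting under a different host name for the same server.
CERT = Cert(b"constructed-der-bytes", ("ftp.example.com",),
            datetime(2004, 10, 1, tzinfo=timezone.utc))
STORE = {"my site": fingerprint(CERT)}
NOW = datetime(2004, 10, 16, tzinfo=timezone.utc)

def demo():
    return (hash_only_check(STORE, "my site", CERT),
            full_check(STORE, "my site", "alias.example.net", CERT, NOW))

if __name__ == "__main__":
    print(demo())
```

Both checks can run on the certificate the server presents at each login; storing the details would additionally allow a "View certificate" display for an accepted certificate.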