Thanks for your feedback.

What improvement to the error message would you suggest?

I had some problems with a WinScp PowerShell script that was attempting to validate the 'TLSHostCertificateFingerprint' property. It seems that most certificates include a hidden Left to right mark (Unicode 200E) at the beginning of their thumbprint properties. This hidden character is included when I copy and paste the thumbprint from a Windows Certificate properties dialog into a Powershell script. Unfortunately, the Regex that WinSCP uses to validate the thumbprint does not handle this hidden character being present. I get an exception

Exception setting "TlsHostCertificateFingerprint": "TLS host certificate fingerprint "‎a9 3b 86 6d a1 d4 ec f0 f3 c4 1e 15 f0 65 c7 d7 04 2d 26 af" does not match pattern
/([0-9a-f]{2}:){19}[0-9a-f]{2}(;([0-9a-f]{2}:){19}[0-9a-f]{2})*/"

If I remove the hidden character at the beginning of the thumbprint (or manually type it), then the validation works. At very least I think this issue warrants an improvement in the error message, preferably it should include an optional left to right mark in the Regex so that copied and pasted thumbprints work.

I have reproduced this problem in WinSCP 5.9.3 and WinSCP 5.7.7 on Windows 8.1 and Server 2012 R2.