From 439241f90e226e2c9f6b05f7c603bdf387c5cc38 Mon Sep 17 00:00:00 2001
From: nagendra0721 <nagendra0718@gmail.com>
Date: Tue, 13 Jan 2026 18:25:34 +0530
Subject: [PATCH 1/2] MOSIP-44250: allow expired certifivate to verify jwt sign

Signed-off-by: nagendra0721 <nagendra0718@gmail.com>
---
 .../kernel/signature/service/impl/SignatureServiceImpl.java   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/service/impl/SignatureServiceImpl.java b/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/service/impl/SignatureServiceImpl.java
index 50bdfd62..e0b8253c 100644
--- a/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/service/impl/SignatureServiceImpl.java
+++ b/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/service/impl/SignatureServiceImpl.java
@@ -621,8 +621,8 @@ private boolean verifySignature(String[] jwtTokens, String actualData, Certifica
 			if (!validCert) {
 				LOGGER.error(SignatureConstant.SESSIONID, SignatureConstant.JWT_SIGN, SignatureConstant.BLANK,
 					"Error certificate dates are not valid.");
-					throw new CertificateNotValidException(SignatureErrorCode.CERT_NOT_VALID.getErrorCode(),
-								SignatureErrorCode.CERT_NOT_VALID.getErrorMessage());
+//					throw new CertificateNotValidException(SignatureErrorCode.CERT_NOT_VALID.getErrorCode(),
+//								SignatureErrorCode.CERT_NOT_VALID.getErrorMessage());
 			}
 
 			String keyAlgorithm = x509CertToVerify.getPublicKey().getAlgorithm();

From c61af74da3ebb9b589d00a3ed3a9581bc7ee2576 Mon Sep 17 00:00:00 2001
From: nagendra0721 <nagendra0718@gmail.com>
Date: Tue, 13 Jan 2026 18:53:50 +0530
Subject: [PATCH 2/2] MOSIP-44250: Disable error logging for certificate date
 validation

Comment out error logging for invalid certificate dates.

Signed-off-by: nagendra0721 <nagendra0718@gmail.com>
---
 .../kernel/signature/service/impl/SignatureServiceImpl.java   | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/service/impl/SignatureServiceImpl.java b/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/service/impl/SignatureServiceImpl.java
index e0b8253c..34f343d1 100644
--- a/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/service/impl/SignatureServiceImpl.java
+++ b/kernel/kernel-keymanager-service/src/main/java/io/mosip/kernel/signature/service/impl/SignatureServiceImpl.java
@@ -619,8 +619,8 @@ private boolean verifySignature(String[] jwtTokens, String actualData, Certifica
 			X509Certificate x509CertToVerify = (X509Certificate) certToVerify;
 			boolean validCert = SignatureUtil.isCertificateDatesValid(x509CertToVerify);
 			if (!validCert) {
-				LOGGER.error(SignatureConstant.SESSIONID, SignatureConstant.JWT_SIGN, SignatureConstant.BLANK,
-					"Error certificate dates are not valid.");
+				// LOGGER.error(SignatureConstant.SESSIONID, SignatureConstant.JWT_SIGN, SignatureConstant.BLANK,
+				// 	"Error certificate dates are not valid.");
 //					throw new CertificateNotValidException(SignatureErrorCode.CERT_NOT_VALID.getErrorCode(),
 //								SignatureErrorCode.CERT_NOT_VALID.getErrorMessage());
 			}