Contents
The validity period of an X.509 certificate is encoded in the certificate. The Certificate Validity performs a simple check on a certificate to ensure that it has not expired.
                        By default, the Certificate Validity filter searches
                        for the X.509 certificate in the certificate 
                        message attribute, which must be set by a predecessor filter in the 
                        policy (for example, by an SSL Authentication 
                        filter). 
                      
               
Configure the following fields on the Certificate Validity screen:
Name:
Enter an appropriate name for the filter.
Certificate Selector Expression:
                       Enter the selector expression that specifies where to obtain the certificate (for 
                       example, from a message attribute). The filter checks the validity of the specified 
                       certificate. If no certificate is found, the filter returns an error. Defaults to 
                       ${certificate}.
                      
               
Using a selector enables settings to be evaluated and expanded at runtime based on metadata (for example, in a message attribute, Key Property Store (KPS), or environment variable). For more details, see Selecting Configuration Values at Runtime.

