AS2 signing certificates

Hi, I encountered something unusual hence need your advise. One of my clients AS2 certificate expired couple of months back however they are still able to send/receive messages from us.
Has anyone encountered this? In what scenario is this possible?

Hi, anyone can please advise.

I guess the AS2 servers are setup to allow non-encrypted documents to be exchanged, but it’s not good practice. If you have vital private information in those documents, you should disallow it on your side.

You can still sign documents using an expired certificate. However the recipient may reject it as their copy of the certificate will also be expired. However the data will be still be encrypted.

Your partner might want to revisit their security settings to ensure that they reject request where the associated certificate has expired though!!

regards,
John.