Security token file expires and is unable to connect to a secure metaspace.

Article ID: KB0093993

Products Versions
TIBCO ActiveSpaces -
Not Applicable -

Description

When a token file expires, applications are unable to connect to a metaspace, and the following exceptions are logged in the as-agent log files (manager or discovery as-agents).


2016-05-04 09:46:32.864 ERROR ActiveSpaces Metaspace Manager - Could not connect to Metaspace ts: SYS_ERROR  (security_config_error - Invalid token identity: Id time validity error [/CN=Requestor-1-93BB2C4B] [valid after: Jan 21 20:31:33 2016 GMT, before: Apr 20 21:31:33 2016 GMT] at line [21])

[2016-05-06T11:49:31.307][12079][1088448832][ERROR][transport][Tcp.cpp:565][select] [unhandled_exception]

<Exception>


1). Domain.cpp: 407: checkTrusted: untrusted_credential - Untrusted identity [/CN=REQUESTOR-D34095B5]
2). Controller.cpp: 460: checkTrusted
3). TcpListenSocket.cpp: 214: accept
</Exception>

If you try to validate the token, you will see the following exception.


as-admin> validate token_file "token.txt"

Token password:xxxxxx

SYS_ERROR (action_failed -

    Failed Command: validate token_file "token.txt"

    Cause: security_config_error

    Message: Invalid token identity: Id time validity error [/CN=Requestor-1-93BB2C4B] [valid after: Jan 21 20:31:33 2016 GMT, before: Apr 20 21:31:33 2016 GMT] at line [21]
)
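The validity window printed in the error text can be extracted and compared with a reference time to confirm that expiry is the cause. The following is an added example, not TIBCO code: the function and field names are hypothetical, and the log timestamp is assumed to be UTC.

```python
import re
from datetime import datetime, timezone

# Patterns follow the two error texts quoted in this article.
VALIDITY_RE = re.compile(
    r"Id time validity error \[/CN=(?P<cn>[^\]]+)\] "
    r"\[valid after: (?P<start>[^,\]]+), before: (?P<end>[^\]]+)\]"
)
UNTRUSTED_RE = re.compile(r"untrusted_credential - Untrusted identity \[/CN=(?P<cn>[^\]]+)\]")
CERT_TIME_FMT = "%b %d %H:%M:%S %Y GMT"  # e.g. "Apr 20 21:31:33 2016 GMT"


def parse_cert_time(text):
    """Parse a validity timestamp as printed in the error message (GMT)."""
    return datetime.strptime(text.strip(), CERT_TIME_FMT).replace(tzinfo=timezone.utc)


def triage(lines, now):
    """Return one finding per matching line; `now` must be timezone-aware."""
    findings = []
    for line in lines:
        m = VALIDITY_RE.search(line)
        if m:
            start, end = parse_cert_time(m["start"]), parse_cert_time(m["end"])
            if now > end:
                status, days = "expired", (now - end).days
            elif now < start:
                status, days = "not_yet_valid", (start - now).days
            else:
                # Window looks valid from here: compare clocks with the logging host.
                status, days = "within_window", 0
            findings.append({"cn": m["cn"], "status": status, "days": days,
                             "not_after": end.isoformat()})
            continue
        m = UNTRUSTED_RE.search(line)
        if m:
            findings.append({"cn": m["cn"], "status": "untrusted_identity"})
    return findings


# Sample input: the two log lines quoted in this article.
SAMPLE_LOG = [
    "2016-05-04 09:46:32.864 ERROR ActiveSpaces Metaspace Manager - Could not connect to Metaspace ts: SYS_ERROR  (security_config_error - Invalid token identity: Id time validity error [/CN=Requestor-1-93BB2C4B] [valid after: Jan 21 20:31:33 2016 GMT, before: Apr 20 21:31:33 2016 GMT] at line [21])",
    "1). Domain.cpp: 407: checkTrusted: untrusted_credential - Untrusted identity [/CN=REQUESTOR-D34095B5]",
]

if __name__ == "__main__":
    # Assumption: the log's local timestamp is treated as UTC for this run.
    for f in triage(SAMPLE_LOG, datetime(2016, 5, 4, 9, 46, 32, tzinfo=timezone.utc)):
        print(f)
```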




Issue/Introduction

Security token file expires and is unable to connect to a secure metaspace.

Resolution

Steps to follow.


Case 1: transport_access is "false" in the policy file.

  1. Create a new token file from the policy file.
  2. If transport_access is "false" in policy file.
  3. Validate token file from as-admin.
  4. Connect applications using the new token file.

Case 2: transport_access is "true" in the policy file and cert_file is used.

  1. Create a new token file from the policy file.
  2. If transport_access is "true" in the policy file, the cert_file is used.
  3. Validate the token file from as-admin.
  4. Refer to "https://docs.tibco.com/pub/activespaces/2.1.6/doc/pdf/tib_activespaces_developer.pdf", specifically the "Restricting Transport Access" section.
  5. Remove the expired public certificate from the trusted certificates file.
  6. Copy and paste the public certificate from the security token file into the trusted certificates file. The public certificate is in the security token file between and including:
     -----BEGIN CERTIFICATE-----
     -----END CERTIFICATE-----
  7. Save the trusted certificates file.
  8. Start an as-agent security domain controller using the security policy file name when connecting to the metaspace.
  9. Connect applications using the new token file.

Additional Information

Refer to "https://docs.tibco.com/pub/activespaces/2.1.6/doc/pdf/tib_activespaces_developer.pdf", specifically the "Restricting Transport Access" section.