Shibboleth Developers

I've got an origin on an older machine, using a cert obtained about a 
year ago, I'm suddenly getting this message in my origin log:

2004-07-15 20:03:11,046 ERROR [AA] Core 
- Failed to startup directory context: 
javax.naming.CommunicationException: simple bind failed: 
directory.cis-qas.brown.edu:636 [Root exception is 
javax.net.ssl.SSLHandshakeException: 
java.security.cert.CertificateExpiredException: NotAfter: Thu Jul 08 
19:59:59 EDT 2004]
2004-07-15 20:03:11,049 WARN  [AA] Core 
- Skipping PlugIn: directory

I would have assumed, tho, that the ldap server returned this 
cert.... I wouldn't have expected the java libraries to be presenting 
a client cert.....

however,

/usr/local/bin/ldapsearch -H ldaps://directory.cis-qas.brown.edu/ -b 
"dc=brown,dc=edu" -D "cn=stc_query,ou=special users,dc=brown,dc=edu" 
-w PASS brownnetid=steven_carmody

does work....altho the ldapsearch doc makes no mention of ssl support....

so... which cert has expired?