SealPath detects delays of dates in the equipment and invalidates the user's identity certificate, in such a way that is not possible to perform any document opening or protection operations by delaying the clock, in order to avoid the expiration date that can have the policy or to avoid that the offline consumption of a file is finished. This is done through a lockbox that allows securing the environment in which protected information is accessed.
To recover the identity certificate, the user has to advance the time and re-validate in the SealPath system.
If the user decides to keep the time delayed, SealPath generates the identity certificate for the user if a correct validation occurs, but the use licenses that the server generated to open documents would have a generation date in the future (the actual time of the server in front of the delayed time of the PC) and this would make the opening of a document is not possible with the license of use obtained in this situation.
This problem always occurs with any small delay of the clock. It does not happen with a clock forward.
The detection of the clock delay occurs whether the PC is connected or disconnected from the Internet, it is a detection that is done internally and invalidates the user's identity certificate in the same way in both cases.
In case of delays or advances in the clock over two hours, the server rejects connections with the PC or device.