Each HealthVault application proves its identity to HealthVault at run-time using an asymmetric key pair. Those of you who have already gone live will remember having to send the HealthVault team your public key so that it can be stored on the HealthVault servers. If your certificate expires then your application will stop working correctly.
If you are using the Java SDK, note that the sample command line for certifcate generation uses the default expiration timeframe of 90 days. You can change this to a longer timeframe by adding the -validity parameter to your command line and specifying a larger number of days.
If you are using the .NET SDK and the HealthVault Application Manager client utility then the default expiration date is in the year 2039.
When you get close to your certificate expiration date you should send your new public key to the HealthVault team so that it can be registered. HealthVault allows a single app to register multiple public keys in order to handle exactly this scenario.