SSO: How the certificate validation option works?

Hello,
I was able to setup a copy of Bitwarden on my local NAS server and was even able to set up SSO with IDP.
On the Single Sign-On configuration page under “SAML Service Provider Configuration” I noticed the [Validate certificates] option, and when I selected this option, I received the following error message when trying to use SSO:
There was an error during single sign on. The signature was valid, but the verification of the certificate failed. is it expired or revoked

I don’t quite understand how to fix this error. Can anyone give advice?
thanks a lot in advance!