diff --git a/hutool-json/src/main/java/cn/hutool/json/jwt/JWTValidator.java b/hutool-json/src/main/java/cn/hutool/json/jwt/JWTValidator.java
index 38c11c5ae..79e3a361a 100755
--- a/hutool-json/src/main/java/cn/hutool/json/jwt/JWTValidator.java
+++ b/hutool-json/src/main/java/cn/hutool/json/jwt/JWTValidator.java
@@ -242,11 +242,13 @@ public class JWTValidator {
 	 * @throws ValidateException 验证异常
 	 */
 	@SuppressWarnings("SameParameterValue")
-	private static void validateNotBefore(final String fieldName, final Date dateToCheck, final Date now, final long leeway) throws ValidateException {
+	private static void validateNotBefore(final String fieldName, final Date dateToCheck, Date now, final long leeway) throws ValidateException {
 		if (null == dateToCheck) {
 			return;
 		}
-		now.setTime(now.getTime() - leeway * 1000);
+		if(leeway > 0){
+			now = DateUtil.date(now.getTime() - leeway * 1000);
+		}
 		if (dateToCheck.before(now)) {
 			throw new ValidateException("'{}':[{}] is before now:[{}]",
 					fieldName, DateUtil.date(dateToCheck), DateUtil.date(now));
diff --git a/hutool-json/src/test/java/cn/hutool/json/jwt/JWTValidatorTest.java b/hutool-json/src/test/java/cn/hutool/json/jwt/JWTValidatorTest.java
index 26204faaf..1dc59d3a5 100755
--- a/hutool-json/src/test/java/cn/hutool/json/jwt/JWTValidatorTest.java
+++ b/hutool-json/src/test/java/cn/hutool/json/jwt/JWTValidatorTest.java
@@ -84,16 +84,17 @@ public class JWTValidatorTest {
 
 	@Test
 	public void issue2329Test(){
-		final long NOW = System.currentTimeMillis();
-		final Date NOW_TIME = new Date(NOW);
-		final long EXPIRED = 3 * 1000L;
-		final Date EXPIRED_TIME = new Date(NOW + EXPIRED);
+		final long now = System.currentTimeMillis();
+		final Date nowTime = new Date(now);
+		final long expired = 3 * 1000L;
+		final Date expiredTime = new Date(now + expired);
 
 		// 使用这种方式生成token
-		final String token = JWT.create().setPayload("sub", "blue-light").setIssuedAt(NOW_TIME).setNotBefore(EXPIRED_TIME)
-				.setExpiresAt(EXPIRED_TIME).setKey("123456".getBytes()).sign();
+		final String token = JWT.create().setPayload("sub", "blue-light").setIssuedAt(nowTime).setNotBefore(expiredTime)
+				.setExpiresAt(expiredTime).setKey("123456".getBytes()).sign();
 
 		// 使用这种方式验证token
-		JWTValidator.of(JWT.of(token)).validateDate(DateUtil.date(NOW + 4000), 10);
+		JWTValidator.of(JWT.of(token)).validateDate(DateUtil.date(now - 4000), 10);
+		JWTValidator.of(JWT.of(token)).validateDate(DateUtil.date(now + 4000), 10);
 	}
 }