Is there any way to check the uploaded certificate is really a pfx certificate?

Question

0

Asked: June 7, 20262026-06-07T07:05:39+00:00 2026-06-07T07:05:39+00:00

Is there any way to check the uploaded certificate is really a pfx certificate?

0

Is there any way to check the uploaded certificate is really a pfx certificate? I tried with the following code:

LazyValidatorForm lazyForm = (LazyValidatorForm) actionForm;
FormFile cerFile = (FormFile) lazyForm.get("cerFile");

if (!cerFile.getContentType().equals("application/x-pkcs12")) {
    /** return error code **/
}

However, most of the time, the content type is application/octet-stream, which is no use

Report

Leave an answer
Cancel reply

You must login to add an answer.

Need An Account,

1 Answer

Editorial Team · Answer 1 · 2026-06-07T07:05:41+00:00

You could try loading the uploaded file into a KeyStore:

LazyValidatorForm lazyForm = (LazyValidatorForm) actionForm;
FormFile cerFile = (FormFile) lazyForm.get("cerFile");

KeyStore keyStore = KeyStore.getInstance("PKCS12");
keyStore.load(cerFile.getInputStream(), null);

Even if the .pfx contains a password protected private key, the .pfx should still be loaded (it’s basically useless without the password but it should load).

If you get no exception and the keyStore.size() equals 1 after the load, then it must be a .pfx file.

Sign Up

Sign In

Forgot Password

The Archive Base Latest Questions

Is there any way to check the uploaded certificate is really a pfx certificate?

Leave an answerCancel reply

1 Answer

Leave an answer
Cancel reply