Find if a certificate is self signed or CA signed

Question

I have a web app, which allows user to upload pkcs12. I store the pkcs12 as binary in database. Is there any way for me to know if the certificate in the pkcs12 is self signed

Answer 1

Java is unable to analyze PKCS12 so that you have to convert it to keystore using openssl.

Here the keystore has both private key and X509 certificate(or you can choose only to store certificate). Then get the issuer from keystore using standard JAVA API and manually verify issuer.