diff --git a/token-checker-server/src/main/java/de/ozgcloud/token/saml/SamlDecrypterFactory.java b/token-checker-server/src/main/java/de/ozgcloud/token/saml/SamlDecrypterFactory.java
index f3bce0d147ba9c3edebd61307bed5f7a203daf0e..9159a5ff12f53c6745e4c9bad9dc32354a266a72 100644
--- a/token-checker-server/src/main/java/de/ozgcloud/token/saml/SamlDecrypterFactory.java
+++ b/token-checker-server/src/main/java/de/ozgcloud/token/saml/SamlDecrypterFactory.java
@@ -41,12 +41,16 @@ import org.opensaml.xmlsec.encryption.support.SimpleRetrievalMethodEncryptedKeyR
 import org.opensaml.xmlsec.keyinfo.KeyInfoCredentialResolver;
 import org.opensaml.xmlsec.keyinfo.impl.CollectionKeyInfoCredentialResolver;
 import org.springframework.security.converter.RsaKeyConverters;
+import org.springframework.stereotype.Component;
 
 import de.ozgcloud.common.errorhandling.TechnicalException;
 import de.ozgcloud.token.TokenValidationProperties.TokenValidationProperty;
 
+@Component
 class SamlDecrypterFactory {
 
+	private static final String X509_CERTIFICATE_TYPE = "X.509";
+
 	public Decrypter buildDecrypter(TokenValidationProperty tokenValidationProperty) {
 		return DecrypterBuilder.builder()
 				.keyEncryptionKeyResolver(buildKeyInfoCredentialResolver(tokenValidationProperty))
@@ -61,7 +65,7 @@ class SamlDecrypterFactory {
 
 	X509Certificate getCertificate(TokenValidationProperty tokenValidationProperty) {
 		try (var inputStream = tokenValidationProperty.getCertificate().getInputStream()) {
-			return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(inputStream);
+			return (X509Certificate) CertificateFactory.getInstance(X509_CERTIFICATE_TYPE).generateCertificate(inputStream);
 		} catch (IOException | CertificateException e) {
 			throw new TechnicalException("Cannot read certificate", e);
 		}