diff --git a/modules/admin/lib/Controller/Config.php b/modules/admin/lib/Controller/Config.php
index fbfd9e11173d333a13bca6264836c7a3ff2e354a..026235804014f2d547f08be5d4aea33d185a489e 100644
--- a/modules/admin/lib/Controller/Config.php
+++ b/modules/admin/lib/Controller/Config.php
@@ -341,13 +341,15 @@ class Config
             'enabled' => $this->config->getString('auth.adminpassword', '123') !== '123',
         ];
 
+        $cryptoUtils = new Utils\Crypto();
+
         // perform some sanity checks on the configured certificates
         if ($this->config->getString('enable.saml20-idp', false) !== false) {
             $handler = MetaDataStorageHandler::getMetadataHandler();
             $metadata = $handler->getMetaDataCurrent('saml20-idp-hosted');
             $metadata_config = Configuration::loadfromArray($metadata);
-            $private = Utils\Crypto::loadPrivateKey($metadata_config, false);
-            $public = Utils\Crypto::loadPublicKey($metadata_config, false);
+            $private = $cryptoUtils->loadPrivateKey($metadata_config, false);
+            $public = $cryptoUtils->loadPublicKey($metadata_config, false);
 
             $matrix[] = [
                 'required' => 'required',
@@ -355,9 +357,9 @@ class Config
                 'enabled' => $this->matchingKeyPair($public['PEM'], [$private['PEM'], $private['password']]),
             ];
 
-            $private = Utils\Crypto::loadPrivateKey($metadata_config, false, 'new_');
+            $private = $cryptoUtils->loadPrivateKey($metadata_config, false, 'new_');
             if ($private !== null) {
-                $public = Utils\Crypto::loadPublicKey($metadata_config, false, 'new_');
+                $public = $cryptoUtils->loadPublicKey($metadata_config, false, 'new_');
                 $matrix[] = [
                     'required' => 'required',
                     'descr' => Translate::noop('Matching key-pair for signing assertions (rollover key)'),
@@ -367,8 +369,8 @@ class Config
         }
 
         if ($this->config->getBoolean('metadata.sign.enable', false) !== false) {
-            $private = Utils\Crypto::loadPrivateKey($this->config, false, 'metadata.sign.');
-            $public = Utils\Crypto::loadPublicKey($this->config, false, 'metadata.sign.');
+            $private = $cryptoUtils->loadPrivateKey($this->config, false, 'metadata.sign.');
+            $public = $cryptoUtils->loadPublicKey($this->config, false, 'metadata.sign.');
             $matrix[] = [
                 'required' => 'required',
                 'descr' => Translate::noop('Matching key-pair for signing metadata'),