diff --git a/frameworks/cert_manager_standard/main/common/src/cm_pfx.c b/frameworks/cert_manager_standard/main/common/src/cm_pfx.c
index f0a1cef9b18455dc72b7e7c58b8480180a531062..9f82dda844e3673d43f47d53058ea786ccb392d6 100644
--- a/frameworks/cert_manager_standard/main/common/src/cm_pfx.c
+++ b/frameworks/cert_manager_standard/main/common/src/cm_pfx.c
@@ -200,8 +200,8 @@ static int32_t CmParseCertChain(const struct CmBlob *certChain, struct AppCert *
             break;
         }
 
-        int certCount = sk_X509_num(fullChain);
-        if (certCount == 0) {
+        int32_t certCount = sk_X509_num(fullChain);
+        if (certCount <= 0) {
             CM_LOG_E("cert chain has no cert");
             ret = CMR_ERROR_OPENSSL_FAIL;
             break;
@@ -214,7 +214,7 @@ static int32_t CmParseCertChain(const struct CmBlob *certChain, struct AppCert *
         }
 
         /* default certificate chain is packaged as a whole */
-        appCert->certCount = certCount;
+        appCert->certCount = (uint32_t)certCount;
         appCert->certSize = certChain->size;
         *cert = sk_X509_value(fullChain, 0);
         // Increase the reference count to prevent it from being released