diff --git a/.circleci/config.yml b/.circleci/config.yml
index 6d9e6aa6..a7eca12d 100644
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@@ -189,7 +189,7 @@ common-steps:
 git push origin master
 - &sign_rpm
- run:
+ run:
 name: Sign rpms with test GPG key
 command: |
 ./devops/ci-sign-rpm
diff --git a/devops/ci-sign-rpm b/devops/ci-sign-rpm
index e82799d8..e274a1b7 100755
--- a/devops/ci-sign-rpm
+++ b/devops/ci-sign-rpm
@@ -1,6 +1,7 @@
 set -u
 set -e
+# Same version as: https://github.com/freedomofpress/securedrop-workstation/blob/master/scripts/build-dom0-rpm#L10
 export FEDORA_PKGR_VER=0.6.0.1-1.fc25
 export USER_RPMDIR="/home/circleci/packaging/securedrop-workstation/rpm-build"
 export CI_DEVOPS_FOLDER="/home/circleci/project/devops"
@@ -22,13 +23,10 @@ function docker_cmd_wrapper() {
 build_docker_container
-# If a gpg key has already been imported, gpg --import will return 2, hence the | true
-# to ensure a 0 exit code in the import.
-# Importing test key...
 RPM_PATH=/home/circleci/rpm-build/RPMS/noarch/*.rpm
-docker_cmd_wrapper "echo $SD_TEST_GPG_PRIVKEY | base64 -di | gpg2 --import | true && \
+docker_cmd_wrapper "echo $SD_TEST_GPG_PRIVKEY | base64 -di | gpg2 --import && \
 gpg2 --export --armor 4A3BE4A92211B03C > pubkey.asc && \
 sudo rpm --import pubkey.asc && \
 sudo chown -R circleci ~/rpm-build && \
- rpmsign --define \"_gpg_name SecureDrop TESTING key \" --resign $RPM_PATH && \
+ rpmsign --define \"_gpg_name 4ED79CC3362D7D12837046024A3BE4A92211B03C\" --resign $RPM_PATH && \
 rpm --checksig -v $RPM_PATH"
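Review bot: The comment added above `FEDORA_PKGR_VER` in devops/ci-sign-rpm links to `blob/master/scripts/build-dom0-rpm#L10`, and a line anchor on a moving branch stops pointing at the version pin as soon as that script is edited. A permalink to a fixed commit keeps the reference stable, for example `.../blob/<commit-sha>/scripts/build-dom0-rpm#L10` (placeholder SHA, not taken from this page). Because the two pins are kept equal by hand, the comment could also state the obligation directly: `# Keep in sync with securedrop-workstation scripts/build-dom0-rpm; bump both together`.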
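Review bot: In the last hunk of devops/ci-sign-rpm, `rpmsign` now selects the key by its full fingerprint, but the export two lines earlier still uses the 64-bit long key ID `4A3BE4A92211B03C`. Using the fingerprint there too keeps key selection unambiguous if the keyring ever holds more than one key: `gpg2 --export --armor 4ED79CC3362D7D12837046024A3BE4A92211B03C > pubkey.asc && \`. Separately, `echo $SD_TEST_GPG_PRIVKEY` is expanded by the calling shell inside the double-quoted string, so the key material becomes part of the command string handed to `docker_cmd_wrapper` (whose body is outside this hunk). It would presumably be visible in process arguments or a `set -x` trace, so even for a test key, passing it through the container's environment or stdin is the safer pattern. With `| true` removed, a non-zero exit from `gpg2 --import` now stops the `&&` chain, which is the right fail-closed behaviour; a one-line comment that the import is expected to run against an empty keyring would replace the explanation that was deleted.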