diff --git a/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-gen-pki-stm.sh b/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-gen-pki-stm.sh
index e6c6e1d19..7568b9341 100755
--- a/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-gen-pki-stm.sh
+++ b/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-gen-pki-stm.sh
@@ -112,34 +112,59 @@ fi RPROC_KEY_PASS_FILE="${CONFIG_SIGN_KEYS_PATH}/rproc-keys/key_pass.txt" # Generate random keys for Cortex-M coprocessor if they don't exist -if [ "${PLATFORM}" = "ccmp25" ]; then +if [ "${PLATFORM}" = "ccmp15" ] || [ "${PLATFORM}" = "ccmp25" ]; then N_PUBK="$(ls -l ${CONFIG_SIGN_KEYS_PATH}/rproc-keys/publicKey*.pem 2>/dev/null | wc -l)" N_PRVK="$(ls -l ${CONFIG_SIGN_KEYS_PATH}/rproc-keys/privateKey*.pem 2>/dev/null | wc -l)" N_DERK="$(ls -l ${CONFIG_SIGN_KEYS_PATH}/rproc-keys/publicKey*.der 2>/dev/null | wc -l)" install -d "${CONFIG_SIGN_KEYS_PATH}/rproc-keys/" - if [ "${N_PUBK}" = "1" ] && [ "${N_PRVK}" = "1" ] && [ "${N_DERK}" = "1" ] && [ -f "${RPROC_KEY_PASS_FILE}" ]; then - # PKI tree already exists. - echo "Using existing PKI tree for Cortex-M coprocessor" - elif [ "${N_PUBK}" != "1" ] && [ "${N_PRVK}" != 1 ] && [ "${N_DERK}" != "1" ] && [ ! -f "${RPROC_KEY_PASS_FILE}" ]; then - # Random password - password="$(openssl rand -base64 32)" - echo "Generating random key" - if ! STM32MP_KeyGen_CLI -abs "${CONFIG_SIGN_KEYS_PATH}/rproc-keys/" -pwd ${password}; then - echo "[ERROR] Could not generate PKI tree for Cortex-M coprocessor" - exit 1 - fi - echo "${password}" > "${RPROC_KEY_PASS_FILE}" - chmod 400 "${RPROC_KEY_PASS_FILE}" - # Generate DER version of public key - if ! openssl ec -pubin -in ${CONFIG_SIGN_KEYS_PATH}/rproc-keys/publicKey.pem \ - -outform DER -pubout \ - -out ${CONFIG_SIGN_KEYS_PATH}/rproc-keys/publicKey.der; then - echo "[ERROR] Could not generate DER public key for Cortex-M coprocessor" + + if [ "${PLATFORM}" = "ccmp15" ]; then + if [ "${N_PUBK}" = "1" ] && [ "${N_PRVK}" = "1" ]; then + # PKI tree already exists. + echo "Using existing PKI tree for Cortex-M coprocessor" + elif [ "${N_PUBK}" = "0" ] && [ "${N_PRVK}" = "0" ]; then + echo "Generating random key" + if ! 
openssl genrsa -out "${CONFIG_SIGN_KEYS_PATH}/rproc-keys/privateKey.pem" 2048; then + echo "[ERROR] Could not generate private key for Cortex-M coprocessor" + exit 1 + fi + chmod 444 "${CONFIG_SIGN_KEYS_PATH}/rproc-keys/privateKey.pem" + # Generate public key + if ! openssl rsa -pubout -in ${CONFIG_SIGN_KEYS_PATH}/rproc-keys/privateKey.pem \ + -out ${CONFIG_SIGN_KEYS_PATH}/rproc-keys/publicKey.pem; then + echo "[ERROR] Could not generate public key for Cortex-M coprocessor" + exit 1 + fi + chmod 400 "${CONFIG_SIGN_KEYS_PATH}/rproc-keys/publicKey.pem" + else + echo "[ERROR] Could not generate PKI tree for Cortex-M coprocessor. An incomplete PKI tree may already exist." exit 1 fi else - echo "[ERROR] Could not generate PKI tree for Cortex-M coprocessor. An incomplete PKI tree may already exist." - exit 1 + if [ "${N_PUBK}" = "1" ] && [ "${N_PRVK}" = "1" ] && [ "${N_DERK}" = "1" ] && [ -f "${RPROC_KEY_PASS_FILE}" ]; then + # PKI tree already exists. + echo "Using existing PKI tree for Cortex-M coprocessor" + elif [ "${N_PUBK}" = "0" ] && [ "${N_PRVK}" = "0" ] && [ "${N_DERK}" = "0" ] && [ ! -f "${RPROC_KEY_PASS_FILE}" ]; then + # Random password + password="$(openssl rand -base64 32)" + echo "Generating random key" + if ! STM32MP_KeyGen_CLI -abs "${CONFIG_SIGN_KEYS_PATH}/rproc-keys/" -pwd ${password}; then + echo "[ERROR] Could not generate PKI tree for Cortex-M coprocessor" + exit 1 + fi + echo "${password}" > "${RPROC_KEY_PASS_FILE}" + chmod 400 "${RPROC_KEY_PASS_FILE}" + # Generate DER version of public key + if ! openssl ec -pubin -in ${CONFIG_SIGN_KEYS_PATH}/rproc-keys/publicKey.pem \ + -outform DER -pubout \ + -out ${CONFIG_SIGN_KEYS_PATH}/rproc-keys/publicKey.der; then + echo "[ERROR] Could not generate DER public key for Cortex-M coprocessor" + exit 1 + fi + else + echo "[ERROR] Could not generate PKI tree for Cortex-M coprocessor. An incomplete PKI tree may already exist." + exit 1 + fi fi fi
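Review bot: The permission bits in the new ccmp15 branch look inverted: `chmod 444` is applied to `rproc-keys/privateKey.pem`, leaving the RSA signing key world-readable, while the public key gets `chmod 400`, which is the mode the private key should have (the ccmp25 branch right below uses 400 for its secret, `key_pass.txt`). The two lines should be `chmod 400 "${CONFIG_SIGN_KEYS_PATH}/rproc-keys/privateKey.pem"` and `chmod 444 "${CONFIG_SIGN_KEYS_PATH}/rproc-keys/publicKey.pem"`; since the chmod runs only after `openssl genrsa` has written the file, a `umask 077` ahead of the generation would also close the window in which the key may exist with wider default permissions. Unlike the STM32MP_KeyGen_CLI path, this RSA private key is stored without a passphrase; if that is deliberate for the ccmp15 flow, a one-line comment saying so would stop the next reader from treating it as an oversight. The `-in`/`-out` paths passed to `openssl rsa` are unquoted, unlike the `genrsa -out` argument two lines above, so a `CONFIG_SIGN_KEYS_PATH` containing spaces would break only the second step.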