diff --git a/meta-digi-dey/recipes-core/recovery/recovery-initramfs.bb b/meta-digi-dey/recipes-core/recovery/recovery-initramfs.bb
index 04c007a71..7b2a395fe 100644
--- a/meta-digi-dey/recipes-core/recovery/recovery-initramfs.bb
+++ b/meta-digi-dey/recipes-core/recovery/recovery-initramfs.bb
@@ -57,11 +57,22 @@ do_install() {
 				bberror "Unkown TRUSTFENCE_SIGN_MODE value"
 				exit 1
 			fi
+			# Extract the public key from the certificate.
+			install -d ${D}${sysconfdir}/ssl/certs
+			openssl x509 -pubkey -noout -in "${CERT_IMG}" > ${D}${sysconfdir}/ssl/certs/key.pub
+		elif [ "${DEY_SOC_VENDOR}" = "STM" ]; then
+			# Copy the public key to the rootfs
+			if [ "${DIGI_SOM}" = "ccmp15" ]; then
+				PUBLIC_KEY="${TRUSTFENCE_SIGN_KEYS_PATH}/keys/publicKey00.pem"
+			elif [ "${DIGI_SOM}" = "ccmp13" ]; then
+				PUBLIC_KEY="${TRUSTFENCE_SIGN_KEYS_PATH}/keys/publicKey0${KEY_INDEX}.pem"
+			else
+				bberror "Unknown DIGI_SOM"
+				exit 1
+			fi
+			install -d ${D}${sysconfdir}/ssl/certs
+			cp ${PUBLIC_KEY} ${D}${sysconfdir}/ssl/certs/key.pub
 		fi
-
-		# Extract the public key from the certificate.
-		install -d ${D}${sysconfdir}/ssl/certs
-		openssl x509 -pubkey -noout -in "${CERT_IMG}" > ${D}${sysconfdir}/ssl/certs/key.pub
 	fi
 }
 
diff --git a/meta-digi-dey/recipes-digi/dualboot/dualboot.bb b/meta-digi-dey/recipes-digi/dualboot/dualboot.bb
index 9036a3c81..188ef3839 100644
--- a/meta-digi-dey/recipes-digi/dualboot/dualboot.bb
+++ b/meta-digi-dey/recipes-digi/dualboot/dualboot.bb
@@ -48,18 +48,31 @@ do_install() {
 		KEY_INDEX_1=$(expr ${KEY_INDEX} + 1)
 
 		# Find the certificate to use.
-		if [ "${TRUSTFENCE_SIGN_MODE}" = "HAB" ]; then
-			CERT_IMG="$(echo ${TRUSTFENCE_SIGN_KEYS_PATH}/crts/IMG${KEY_INDEX_1}*crt.pem)"
-		elif [ "${TRUSTFENCE_SIGN_MODE}" = "AHAB" ]; then
-			CERT_IMG="$(echo ${TRUSTFENCE_SIGN_KEYS_PATH}/crts/SRK${KEY_INDEX_1}*_ca_crt.pem)"
-		else
-			bberror "Unkown TRUSTFENCE_SIGN_MODE value"
-			exit 1
+		if [ "${DEY_SOC_VENDOR}" = "NXP" ]; then
+			if [ "${TRUSTFENCE_SIGN_MODE}" = "HAB" ]; then
+				CERT_IMG="$(echo ${TRUSTFENCE_SIGN_KEYS_PATH}/crts/IMG${KEY_INDEX_1}*crt.pem)"
+			elif [ "${TRUSTFENCE_SIGN_MODE}" = "AHAB" ]; then
+				CERT_IMG="$(echo ${TRUSTFENCE_SIGN_KEYS_PATH}/crts/SRK${KEY_INDEX_1}*_ca_crt.pem)"
+			else
+				bberror "Unknown TRUSTFENCE_SIGN_MODE value"
+				exit 1
+			fi
+			# Extract the public key from the certificate.
+			install -d ${D}${sysconfdir}/ssl/certs
+			openssl x509 -pubkey -noout -in "${CERT_IMG}" > ${D}${sysconfdir}/ssl/certs/key.pub
+		elif [ "${DEY_SOC_VENDOR}" = "STM" ]; then
+			# Copy the public key to the rootfs
+			if [ "${DIGI_SOM}" = "ccmp15" ]; then
+				PUBLIC_KEY="${TRUSTFENCE_SIGN_KEYS_PATH}/keys/publicKey00.pem"
+			elif [ "${DIGI_SOM}" = "ccmp13" ]; then
+				PUBLIC_KEY="${TRUSTFENCE_SIGN_KEYS_PATH}/keys/publicKey0${KEY_INDEX}.pem"
+			else
+				bberror "Unknown DIGI_SOM"
+				exit 1
+			fi
+			install -d ${D}${sysconfdir}/ssl/certs
+			cp ${PUBLIC_KEY} ${D}${sysconfdir}/ssl/certs/key.pub
 		fi
-
-		# Extract the public key from the certificate.
-		install -d ${D}${sysconfdir}/ssl/certs
-		openssl x509 -pubkey -noout -in "${CERT_IMG}" > ${D}${sysconfdir}/ssl/certs/key.pub
 	fi
 }