diff --git a/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-gen-pki-stm.sh b/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-gen-pki-stm.sh
index f9b543284..ad0c4548d 100755
--- a/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-gen-pki-stm.sh
+++ b/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-gen-pki-stm.sh
@@ -56,15 +56,15 @@ fi
 KEY_PASS_FILE="${CONFIG_SIGN_KEYS_PATH}/keys/key_pass.txt"
 
 # Generate random keys if they don't exist
-N_PUBK="$(ls -l "${CONFIG_SIGN_KEYS_PATH}"/keys/publicKey0* 2>/dev/null | wc -l)"
-N_PRVK="$(ls -l "${CONFIG_SIGN_KEYS_PATH}"/keys/privateKey0* 2>/dev/null | wc -l)"
+N_PUBK="$(ls -l "${CONFIG_SIGN_KEYS_PATH}"/keys/publicKey*.pem 2>/dev/null | wc -l)"
+N_PRVK="$(ls -l "${CONFIG_SIGN_KEYS_PATH}"/keys/privateKey*.pem 2>/dev/null | wc -l)"
 if [ "${PLATFORM}" = "ccmp15" ]; then
 	if [ "${N_PUBK}" != "1" ] && [ "${N_PRVK}" != 1 ] && [ ! -f "${KEY_PASS_FILE}" ]; then
 		install -d "${CONFIG_SIGN_KEYS_PATH}/keys/"
 		# Random password
 		password="$(openssl rand -base64 32)"
 		echo "Generating random key"
-		if ! STM32MP_KeyGen_CLI -abs "${CONFIG_SIGN_KEYS_PATH}/keys/" -pwd ${password} -n 1; then
+		if ! STM32MP_KeyGen_CLI -abs "${CONFIG_SIGN_KEYS_PATH}/keys/" -pwd ${password}; then
 			echo "[ERROR] Could not generate PKI tree"
 			exit 1
 		fi
diff --git a/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-sign-artifact-stm.sh b/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-sign-artifact-stm.sh
index 35fd33728..236033d95 100755
--- a/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-sign-artifact-stm.sh
+++ b/meta-digi-arm/recipes-digi/trustfence/trustfence-sign-tools/trustfence-sign-artifact-stm.sh
@@ -70,8 +70,8 @@ if ! trustfence-gen-pki.sh -p ${PLATFORM}; then
 fi
 
 if [ "${PLATFORM}" = "ccmp15" ]; then
-	PUBLIC_KEY="${CONFIG_SIGN_KEYS_PATH}/keys/publicKey00.pem"
-	PRIVATE_KEY="${CONFIG_SIGN_KEYS_PATH}/keys/privateKey00.pem"
+	PUBLIC_KEY="${CONFIG_SIGN_KEYS_PATH}/keys/publicKey.pem"
+	PRIVATE_KEY="${CONFIG_SIGN_KEYS_PATH}/keys/privateKey.pem"
 elif [ "${PLATFORM}" = "ccmp13" ]; then
 	PUBLIC_KEY="${CONFIG_SIGN_KEYS_PATH}/keys/publicKey0*.pem"
 	PRIVATE_KEY="${CONFIG_SIGN_KEYS_PATH}/keys/privateKey0${CONFIG_KEY_INDEX}.pem"
diff --git a/meta-digi-dey/classes/trustfence.bbclass b/meta-digi-dey/classes/trustfence.bbclass
index 427775939..35597ecd8 100644
--- a/meta-digi-dey/classes/trustfence.bbclass
+++ b/meta-digi-dey/classes/trustfence.bbclass
@@ -91,7 +91,14 @@ copy_public_key() {
 			openssl x509 -pubkey -noout -in "${CERT_IMG}" > "${PUBLIC_KEY}"
 		fi
 	elif [ "${DEY_SOC_VENDOR}" = "STM" ]; then
-		PUBLIC_KEY="${TRUSTFENCE_SIGN_KEYS_PATH}/keys/publicKey0${TRUSTFENCE_KEY_INDEX}.pem"
+		if [ "${DIGI_SOM}" = "ccmp15" ]; then
+			PUBLIC_KEY="${TRUSTFENCE_SIGN_KEYS_PATH}/keys/publicKey.pem"
+		elif [ "${DIGI_SOM}" = "ccmp13" ]; then
+			PUBLIC_KEY="${TRUSTFENCE_SIGN_KEYS_PATH}/keys/publicKey0${TRUSTFENCE_KEY_INDEX}.pem"
+		else
+			bberror "Unknown DIGI_SOM"
+			exit 1
+		fi
 	else
 		echo "ERROR: Cannot determine the public key"
 		exit 1
@@ -142,7 +149,7 @@ python () {
             d.setVar("FIP_SIGN_ENABLE", "1")
             d.setVar("FIP_SIGN_KEY_EXTERNAL", "1")
             if (d.getVar("DIGI_SOM") == "ccmp15" ):
-                d.setVar("FIP_SIGN_KEY", d.getVar("TRUSTFENCE_SIGN_KEYS_PATH") + "/keys/privateKey00.pem");
+                d.setVar("FIP_SIGN_KEY", d.getVar("TRUSTFENCE_SIGN_KEYS_PATH") + "/keys/privateKey.pem");
             elif (d.getVar("DIGI_SOM") == "ccmp13" ):
                 d.setVar("FIP_SIGN_KEY", d.getVar("TRUSTFENCE_SIGN_KEYS_PATH") + "/keys/privateKey0%s.pem" % d.getVar("TRUSTFENCE_KEY_INDEX"));
             d.setVar("TRUSTFENCE_PASSWORD_FILE", d.getVar("TRUSTFENCE_SIGN_KEYS_PATH") + "/keys/key_pass.txt")