diff --git a/ci/Jenkinsfile b/ci/Jenkinsfile
index 113ed2a..40daa1f 100644
--- a/ci/Jenkinsfile
+++ b/ci/Jenkinsfile
@@ -32,7 +32,12 @@ pipeline {
 
                     stage('Build') {
                         steps {
-                            sh '. ci/build.sh'
+                            withCredentials([file(
+                                credentialsId: 'kmod-signing-cert',
+                                variable: 'SIGNING_KEY',
+                            )]) {
+                                sh '. ci/build.sh'
+                            }
                         }
                     }
                 }
diff --git a/ci/build.sh b/ci/build.sh
index 0c11384..64db21f 100644
--- a/ci/build.sh
+++ b/ci/build.sh
@@ -1,6 +1,10 @@
 #!/bin/sh
 
 if [ $(id -u) -eq 0 ]; then
+    kver=$(rpm -q --qf %{VERSION}-%{RELEASE}.%{ARCH} kernel-devel)
+    ln -s "${SIGNING_KEY}" /usr/src/kernels/${kver}/certs/signing_key.x509
+    ln -s "${SIGNING_KEY}" /usr/src/kernels/${kver}/certs/signing_key.pem
+
     exec setpriv --clear-groups --reuid 1000 --regid 1000 --inh-caps=-all \
         sh -ex ci/build.sh
 fi