diff --git a/app/models/gpg_signature.rb b/app/models/gpg_signature.rb
index 03294354d91210c637baf5f2fc01943cbf322bf9..4fe9c3210ff6c00f140e4215a072d28fc448e7ac 100644
--- a/app/models/gpg_signature.rb
+++ b/app/models/gpg_signature.rb
@@ -4,4 +4,5 @@ class GpgSignature < ActiveRecord::Base
 
   validates :commit_sha, presence: true
   validates :project, presence: true
+  validates :gpg_key_primary_keyid, presence: true
 end
diff --git a/lib/gitlab/gpg/commit.rb b/lib/gitlab/gpg/commit.rb
index 2b61caaebb5fe764e204d1272077d92df27fb9b5..8d2e6269618e4938b13cce4f935b89c857d44f72 100644
--- a/lib/gitlab/gpg/commit.rb
+++ b/lib/gitlab/gpg/commit.rb
@@ -43,12 +43,14 @@ module Gitlab
       end
 
       def create_cached_signature!(gpg_key)
+        verified_signature_result = verified_signature
+
         GpgSignature.create!(
           commit_sha: commit.sha,
           project: commit.project,
           gpg_key: gpg_key,
-          gpg_key_primary_keyid: gpg_key&.primary_keyid,
-          valid_signature: !!(gpg_key && gpg_key.verified? && verified_signature.valid?)
+          gpg_key_primary_keyid: gpg_key&.primary_keyid || verified_signature_result.fingerprint,
+          valid_signature: !!(gpg_key && gpg_key.verified? && verified_signature_result.valid?)
         )
       end
     end
diff --git a/spec/lib/gitlab/gpg/commit_spec.rb b/spec/lib/gitlab/gpg/commit_spec.rb
index 539e6d4641f892a8451df1bbf87f15fb2aa3d6c0..448b16a656ea07bc54539b85f7c9dd1dc9b12b66 100644
--- a/spec/lib/gitlab/gpg/commit_spec.rb
+++ b/spec/lib/gitlab/gpg/commit_spec.rb
@@ -100,7 +100,7 @@ RSpec.describe Gitlab::Gpg::Commit do
           commit_sha: '0beec7b5ea3f0fdbc95d0dd47f3c5bc275da8a33',
           project: project,
           gpg_key: nil,
-          gpg_key_primary_keyid: nil,
+          gpg_key_primary_keyid: GpgHelpers::User1.primary_keyid,
           valid_signature: false
         )
       end
diff --git a/spec/models/gpg_signature_spec.rb b/spec/models/gpg_signature_spec.rb
index d2720c416941f2d05dca42238730735babb0ced2..b3f8426287427a822d2fc33d3f4991439259ec71 100644
--- a/spec/models/gpg_signature_spec.rb
+++ b/spec/models/gpg_signature_spec.rb
@@ -10,5 +10,6 @@ RSpec.describe GpgSignature do
     subject { described_class.new }
     it { is_expected.to validate_presence_of(:commit_sha) }
     it { is_expected.to validate_presence_of(:project) }
+    it { is_expected.to validate_presence_of(:gpg_key_primary_keyid) }
   end
 end