diff --git a/.gitea/workflows/testflight-release.yml b/.gitea/workflows/testflight-release.yml
index c73af48..26505d6 100644
--- a/.gitea/workflows/testflight-release.yml
+++ b/.gitea/workflows/testflight-release.yml
@@ -84,10 +84,10 @@ jobs:
           : "${APPSTORE_PROVISIONING_PROFILE_BASE64:?APPSTORE_PROVISIONING_PROFILE_BASE64 secret is required}"
 
           keychain_password="$(uuidgen)"
-          keychain_name="${SIGNING_KEYCHAIN}.keychain"
           previous_default_keychain="$(security default-keychain -d user | sed 's/[ "]//g' || true)"
           developer_dir="$(xcode-select -p)"
           signing_dir="$(mktemp -d "${RUNNER_TEMP:-${TMPDIR:-/tmp}}/sybil-signing.XXXXXX")"
+          keychain_path="${signing_dir}/${SIGNING_KEYCHAIN}.keychain-db"
           certificate_path="${signing_dir}/appstore-signing.p12"
           profile_path="${signing_dir}/Sybil_AppStore_CI.mobileprovision"
           profile_plist="${signing_dir}/profile.plist"
@@ -109,25 +109,25 @@ jobs:
           cp "${profile_path}" "${old_named_profile_path}"
           cp "${profile_path}" "${xcode_named_profile_path}"
 
-          security create-keychain -p "${keychain_password}" "${keychain_name}"
-          security set-keychain-settings -lut 21600 "${keychain_name}"
-          security unlock-keychain -p "${keychain_password}" "${keychain_name}"
+          security create-keychain -p "${keychain_password}" "${keychain_path}"
+          security set-keychain-settings -lut 21600 "${keychain_path}"
+          security unlock-keychain -p "${keychain_password}" "${keychain_path}"
           security import "${certificate_path}" \
-            -k "${keychain_name}" \
+            -k "${keychain_path}" \
             -f pkcs12 \
             -P "${APPSTORE_CERTIFICATES_PASSWORD}" \
             -T /usr/bin/codesign \
             -T /usr/bin/security \
             -T /usr/bin/xcodebuild \
             -T "${developer_dir}/usr/bin/xcodebuild"
-          security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "${keychain_password}" "${keychain_name}"
-          security list-keychains -d user -s "${keychain_name}" $(security list-keychains -d user | sed 's/[ "]//g')
-          security default-keychain -d user -s "${keychain_name}"
-          security find-identity -v -p codesigning "${keychain_name}"
+          security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k "${keychain_password}" "${keychain_path}"
+          security list-keychains -d user -s "${keychain_path}" $(security list-keychains -d user | sed 's/[ "]//g')
+          security default-keychain -d user -s "${keychain_path}"
+          security find-identity -v -p codesigning "${keychain_path}"
           security find-identity -v -p codesigning
           echo "Installed ${profile_name} (${profile_uuid}) provisioning profile"
           {
-            echo "SYBIL_SIGNING_KEYCHAIN_PATH=${keychain_name}"
+            echo "SYBIL_SIGNING_KEYCHAIN_PATH=${keychain_path}"
             echo "SYBIL_SIGNING_KEYCHAIN_PASSWORD=${keychain_password}"
             echo "SYBIL_PREVIOUS_DEFAULT_KEYCHAIN=${previous_default_keychain}"
             echo "SYBIL_PROVISIONING_PROFILE_UUID=${profile_uuid}"
@@ -255,5 +255,5 @@ jobs:
             "${SYBIL_XCODE_PROFILE_PATH:-}" \
             "${SYBIL_OLD_NAMED_PROFILE_PATH:-}" \
             "${SYBIL_XCODE_NAMED_PROFILE_PATH:-}"
+          security delete-keychain "${SYBIL_SIGNING_KEYCHAIN_PATH:-}" || true
           rm -rf "${SYBIL_SIGNING_DIR:-}"
-          security delete-keychain "${SIGNING_KEYCHAIN}.keychain" || true