diff --git a/kdumpctl b/kdumpctl
index 81ba259..c41e6f5 100755
--- a/kdumpctl
+++ b/kdumpctl
@@ -653,20 +653,7 @@ function load_kdump_kernel_key()
                 return
         fi
 
-        KDUMP_KEY_ID=$(cat /usr/share/doc/kernel-keys/$KDUMP_KERNELVER/kernel-signing-ppc.cer |
-                        keyctl padd asymmetric kernelkey-$RANDOM %:.ima)
-}
-
-# remove a previously loaded key. There's no real security implication
-# to leaving it around, we choose to do this because it makes it easier
-# to be idempotent and so as to reduce the potential for confusion.
-function remove_kdump_kernel_key()
-{
-	if [ -z "$KDUMP_KEY_ID" ]; then
-		return
-	fi
-
-	keyctl unlink $KDUMP_KEY_ID %:.ima
+	keyctl padd asymmetric "" %:.ima < "/usr/share/doc/kernel-keys/$KDUMP_KERNELVER/kernel-signing-ppc.cer"
 }
 
 # Load the kdump kernel specified in /etc/sysconfig/kdump
@@ -708,9 +695,7 @@ load_kdump()
 	set +x
 	exec 2>&12 12>&-
 
-	remove_kdump_kernel_key
-
-	if [ $ret == 0 ]; then
+	if [[ $ret == 0 ]]; then
 		dinfo "kexec: loaded kdump kernel"
 		return 0
 	else