diff --git a/lib/federation/http_signatures/signature.ex b/lib/federation/http_signatures/signature.ex
index 6812cf0d1..e044b0638 100644
--- a/lib/federation/http_signatures/signature.ex
+++ b/lib/federation/http_signatures/signature.ex
@@ -49,12 +49,13 @@ defmodule Mobilizon.Federation.HTTPSignatures.Signature do
 end
 # Gets a public key for a given ActivityPub actor ID (url).
+ # sign annonymous fetches with the relay actor's key
 @spec get_public_key_for_url(String.t()) :: {:ok, String.t()} | {:error, :actor_not_found | :pem_decode_error}
 defp get_public_key_for_url(url) do
 with {:ok, %Actor{} = actor} <-
- ActivityPubActor.get_or_fetch_actor_by_url(url, ignore_sign_object_fetches: true) do
+ ActivityPubActor.get_or_fetch_actor_by_url(url, on_behalf_of: Relay.get_actor()) do
 get_actor_public_key(actor)
 end
 end
@@ -101,11 +102,9 @@ defmodule Mobilizon.Federation.HTTPSignatures.Signature do
 # Special case if ever it's our own actor fetching ourselves
 get_actor_public_key(relay)
 else
- # In this specific case we don't sign object fetches because
- # this would cause infinite recursion when servers both need
- # to fetch each other's keys
+ # Sign anonymous fetches using the relay actor's key
 with {:ok, %Actor{} = actor} <-
- ActivityPubActor.make_actor_from_url(actor_url, ignore_sign_object_fetches: true) do
+ ActivityPubActor.make_actor_from_url(actor_url, on_behalf_of: Relay.get_actor()) do
 get_actor_public_key(actor)
 end
 end
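Review bot: The added comment `# sign annonymous fetches with the relay actor's key` has a typo and sits between the function's description and its `@spec`, although it describes one argument of the call inside the `with`; the comment added in the second hunk uses the same "anonymous" wording. A request signed with the relay key is not anonymous to the remote server, so a line such as `# Actor fetches made here are signed with the relay actor's key.` placed directly above the `with` would read more accurately. `Relay.get_actor()` is also evaluated on every call before get_or_fetch_actor_by_url runs, so it is worth confirming that it is cheap and cannot return an error value that would then be passed on as `on_behalf_of`.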
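Review bot: The removed comment recorded why these key fetches were left unsigned (two servers that each need the other's key would recurse), and the new code signs them without saying what now breaks that cycle. The only guard visible here is the own-actor special case above the `else`; if a remote server has to fetch our relay actor's key to verify this signed request and signs that fetch itself, each side could end up waiting on the other. If the relay actor document is served without requiring a signature, the comment should say so, e.g. `# Signed with the relay actor's key; the relay actor itself must stay fetchable unsigned, otherwise two servers verifying each other recurse.` The same applies to get_public_key_for_url in the first hunk. The enclosing function starts above this hunk, so any other guard it may contain is not visible here.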