diff --git a/helpers/config b/helpers/config
index 8d92072adbb0bc737f58f99a36b4b53af1bc6f5c..25e4358c7b7cc04121f4f7a9eb7a4f91f17f43c3 100755
--- a/helpers/config
+++ b/helpers/config
@@ -158,7 +158,10 @@ apt-get source $PACKAGE --download-only -c ${LOCAL_APT}/etc/apt.conf
 if grep -q "BEGIN PGP SIGNATURE" *.dsc; then
   KEY=$(gpg2 --keyid-format 0xlong --verify  *.dsc  2>&1 | grep 0x | sed 's/.*0x//' || true)
   [ -z "$KEY" ] && KEY=$(gpgv --keyring ${LOCAL_APT}/etc/trusted.gpg *.dsc 2>&1 | egrep ".SA key" | sed 's/.*.SA key //' || true)
-  apt-key --keyring ${LOCAL_APT}/etc/trusted.gpg adv --recv-keys --keyserver hkps://keyserver.ubuntu.com:443 $KEY > /dev/null
+  if ! apt-key --keyring ${LOCAL_APT}/etc/trusted.gpg adv --recv-keys --keyserver hkps://keyserver.ubuntu.com:443 $KEY > /dev/null; then
+    echo "W: invalid key from keyserver.ubuntu.com, fetching from db.debian.org"
+    apt-key --keyring ${LOCAL_APT}/etc/trusted.gpg adv --recv-keys --keyserver hkps://keyring.debian.org:443 $KEY > /dev/null
+  fi
   touch ${LOCAL_APT}/keyring.gpg
   gpg2 --keyring ${LOCAL_APT}/keyring.gpg --import ${LOCAL_APT}/etc/trusted.gpg
   gpg2 --verify --keyring ${LOCAL_APT}/etc/trusted.gpg *.dsc