diff --git a/.github/workflows/publish-maven-central.yml b/.github/workflows/publish-maven-central.yml
index d640058..ae8b9b2 100644
--- a/.github/workflows/publish-maven-central.yml
+++ b/.github/workflows/publish-maven-central.yml
@@ -14,6 +14,9 @@ jobs:
   publish:
     runs-on: ubuntu-latest
     
+    env:
+      GPG_FILE_NAME: onesignal_sdk_gpg_subkeys.gpg
+
     steps:
       - name: Checkout code
         uses: actions/checkout@v4
@@ -49,6 +52,16 @@ jobs:
       - name: Run tests
         run: ./gradlew test
 
+      - name: Decode GPG file from secret
+        run: |
+          echo "${{ secrets.SIGNING_SECRET_KEY_RING_FILE }}" | base64 -d > "$GPG_FILE_NAME"
+          echo "GPG_FILE_PATH=$(pwd)/$GPG_FILE_NAME" >> $GITHUB_ENV
+
+      - name: Verify GPG file
+        run: |
+          ls -lh "$GPG_FILE_PATH"
+          gpg --list-packets "$GPG_FILE_PATH" || echo "Invalid key file!"
+
       - name: Publish to Maven Central
         run: |
           ./gradlew publishToMavenCentral --no-configuration-cache \
@@ -56,7 +69,7 @@ jobs:
             -PmavenCentralPassword="${{ secrets.MAVEN_CENTRAL_PASSWORD }}" \
             -Psigning.keyId="${{ secrets.SIGNING_KEY_ID }}" \
             -Psigning.password="${{ secrets.SIGNING_PASSWORD }}" \
-            -Psigning.secretKeyRingFile="${{ secrets.SIGNING_SECRET_KEY_RING_FILE }}"
+            -Psigning.secretKeyRingFile="$GPG_FILE_PATH"
 
       - name: Upload build artifacts
         uses: actions/upload-artifact@v4