diff --git a/src/freedombone-app-matrix b/src/freedombone-app-matrix
index 416c60081a494ddc9f5b616ef06a48a375aed6e5..4892dd4d18c5d8f96a2bd35a60651a338539453d 100755
--- a/src/freedombone-app-matrix
+++ b/src/freedombone-app-matrix
@@ -98,6 +98,23 @@ function matrix_generate_certs_for_onion {
     rm /etc/ssl/private/matrix*
 }
 
+function set_matrix_trusted_key_servers {
+    homeserver_config="${MATRIX_DATA_DIR}/homeserver.yaml"
+
+    if grep -q '# Matrix Key Servers' $homeserver_config; then
+	return
+    fi
+    matrix_key_server=$MATRIX_DOMAIN_NAME
+    if [[ "$ONION_ONLY" != 'no' ]]; then
+	matrix_key_server=$(cat /var/lib/tor/hidden_service_matrix/hostname)
+    fi
+    { echo '';
+      echo '# Matrix Key Servers';
+      echo 'trusted_key_servers:';
+      echo "  - server_name: \"$matrix_key_server\""; } >> $homeserver_config
+    systemctl restart matrix
+}
+
 function change_default_domain_name_matrix {
     new_default_domain_name="$1"
 
@@ -622,6 +639,7 @@ function upgrade_matrix {
        return
     fi
 
+    set_matrix_trusted_key_servers
     matrix_add_onion_federation
 
     # update connection rate limits
@@ -1273,6 +1291,10 @@ function install_matrix {
 
     increment_app_install_progress
 
+    set_matrix_trusted_key_servers
+
+    increment_app_install_progress
+    
     export TMPDIR=/tmp
     if [ -d "$INSTALL_DIR/tmp" ]; then
         rm -rf "$INSTALL_DIR/tmp"