diff --git a/tests-extra/tests/dnssec/dnskey_algorithms/data/generate_keys.sh b/tests-extra/tests/dnssec/dnskey_algorithms/data/generate_keys.sh
index cfd52b0ec02b745eeec14c7939865b0b4bd47844..b6db1f0314344601f1c8896b1ed9d32f3e372a3d 100755
--- a/tests-extra/tests/dnssec/dnskey_algorithms/data/generate_keys.sh
+++ b/tests-extra/tests/dnssec/dnskey_algorithms/data/generate_keys.sh
@@ -34,6 +34,14 @@ keygen -a RSASHA256 -b 2048 -P $TIME_PAST -A $TIME_PAST -f KSK rsa_ecdsa_roll_ok
 keygen -a RSASHA256 -b 1024 -P $TIME_PAST -A $TIME_PAST rsa_ecdsa_roll_ok
 keygen -a ECDSAP256SHA256 -P $TIME_FUTURE -A $TIME_PAST rsa_ecdsa_roll_ok
 
+#
+# valid single-type signing scheme scenarios
+#
+
+keygen -a RSASHA256 -b 2048 -P $TIME_PAST -A $TIME_PAST -f KSK rsa_stss_ksk
+
+keygen -a RSASHA256 -b 2048 -P $TIME_PAST -A $TIME_PAST rsa_stss_zsk
+
 #
 # invalid scenarios
 #
@@ -53,9 +61,6 @@ keygen -a RSASHA256 -b 1024 -P $TIME_PAST -A $TIME_FUTURE rsa_inactive_zsk
 keygen -a RSASHA256 -b 2048 -P $TIME_FUTURE -A $TIME_FUTURE -f KSK rsa_no_zsk
 keygen -a RSASHA256 -b 1024 -P $TIME_PAST -A $TIME_PAST rsa_no_zsk
 
-keygen -a RSASHA256 -b 2048 -P $TIME_PAST -A $TIME_PAST -f KSK rsa_twice_ksk
-keygen -a RSASHA256 -b 1024 -P $TIME_PAST -A $TIME_PAST -f KSK rsa_twice_ksk
-
 keygen -a RSASHA256 -b 2048 -P $TIME_PAST -A $TIME_PAST -f KSK rsa_ecdsa_ksk_only
 keygen -a RSASHA256 -b 1024 -P $TIME_PAST -A $TIME_PAST rsa_ecdsa_ksk_only
 keygen -a ECDSAP256SHA256 -P $TIME_PAST -A $TIME_PAST -f KSK rsa_ecdsa_ksk_only
diff --git a/tests-extra/tests/dnssec/dnskey_algorithms/data/keys.tgz b/tests-extra/tests/dnssec/dnskey_algorithms/data/keys.tgz
index 25aef643afd6f39ff8f00ea290eb7016b4300bac..0161a309a833c4628c036bd6f4d0a880e840406e 100644
Binary files a/tests-extra/tests/dnssec/dnskey_algorithms/data/keys.tgz and b/tests-extra/tests/dnssec/dnskey_algorithms/data/keys.tgz differ
diff --git a/tests-extra/tests/dnssec/dnskey_algorithms/test.py b/tests-extra/tests/dnssec/dnskey_algorithms/test.py
index 20b81d4c4c10535f0cfb2c377971067a3fa8c736..b1ad20de210c755d7d0702f60644459e709dcde7 100644
--- a/tests-extra/tests/dnssec/dnskey_algorithms/test.py
+++ b/tests-extra/tests/dnssec/dnskey_algorithms/test.py
@@ -14,13 +14,15 @@ TEST_CASES = {
     "rsa_ok":             True,
     "rsa_ecdsa_ok":       True,
     "rsa_ecdsa_roll_ok":  True,
+    # valid single-type signing
+    "rsa_stss_ksk":       True,
+    "rsa_stss_zsk":       True,
     # invalid cases
     "rsa_future_all":     False,
     "rsa_future_publish": False,
     "rsa_future_active":  False,
     "rsa_inactive_zsk":   False,
     "rsa_no_zsk":         False,
-    "rsa_twice_ksk":      False,
     "rsa_ecdsa_ksk_only": False,
     "rsa256_rsa512":      False,
 }