diff --git a/Library/Homebrew/attestation.rb b/Library/Homebrew/attestation.rb
index 63678dc1db..2dc57ad57a 100644
--- a/Library/Homebrew/attestation.rb
+++ b/Library/Homebrew/attestation.rb
@@ -15,8 +15,6 @@ module Homebrew
 # @api private
 BACKFILL_REPO = "trailofbits/homebrew-brew-verify"
- # @api private
- BACKFILL_REPO_CI_URI = "https://github.com/trailofbits/homebrew-brew-verify/.github/workflows/backfill_signatures.yml@refs/heads/main"
 # No backfill attestations after this date are considered valid.
 #
@@ -121,7 +119,15 @@ module Homebrew
 url_sha256 = Digest::SHA256.hexdigest(bottle.url)
 subject = "#{url_sha256}--#{bottle.filename}"
- backfill_attestation = check_attestation bottle, BACKFILL_REPO, BACKFILL_REPO_CI_URI, subject
+ # We don't pass in a signing workflow for backfill signatures because
+ # some backfilled bottle signatures were signed from the 'backfill'
+ # branch, and others from 'main' of trailofbits/homebrew-brew-verify
+ # so the signing workflow is slightly different which causes some bottles to incorrectly
+ # fail when checking their attestation. This shouldn't meaningfully affect security
+ # because if somehow someone could generate false backfill attestations
+ # from a different workflow we will still catch it because the
+ # attestation would have been generated after our cutoff date.
+ backfill_attestation = check_attestation bottle, BACKFILL_REPO, nil, subject
 timestamp = backfill_attestation.dig("verificationResult", "verifiedTimestamps", 0, "timestamp")
diff --git a/Library/Homebrew/test/attestation_spec.rb b/Library/Homebrew/test/attestation_spec.rb
index b04b0946a7..e24664bd8d 100644
--- a/Library/Homebrew/test/attestation_spec.rb
+++ b/Library/Homebrew/test/attestation_spec.rb
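Review bot: Passing `nil` as the signing workflow in the new `check_attestation` call of the second hunk widens the accepted signer from one pinned workflow on `refs/heads/main` to any workflow on any branch of `BACKFILL_REPO`, so the cutoff-date comparison on the `timestamp` line below becomes the only control separating a genuine backfill signature from anything else that repository signed before the cutoff. The new comment argues this is acceptable but should state that reliance plainly rather than in the hedged "shouldn't meaningfully affect security" form; something like `# Backfill attestations were signed from both the 'backfill' and 'main' branches of BACKFILL_REPO, so no single signing workflow is pinned here; the cutoff-date check below is what bounds this.` says the same in three lines. Since the spec hunks show the identity was enforced via `--cert-identity`, it is worth considering whether `check_attestation` could instead pass `--cert-identity-regex` matching the workflow path on either branch, which keeps the workflow file pinned while accepting both known signers — that would be a change outside this hunk, so I am only flagging it. The enclosing method starts and ends outside the hunk.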
@@ -124,8 +124,7 @@ RSpec.describe Homebrew::Attestation do
 expect(Utils).to receive(:safe_popen_read)
 .with(fake_gh, "attestation", "verify", cached_download, "--repo",
- described_class::BACKFILL_REPO, "--format", "json", "--cert-identity",
- described_class::BACKFILL_REPO_CI_URI)
+ described_class::BACKFILL_REPO, "--format", "json")
 .and_return(fake_json_resp_backfill)
 described_class.check_core_attestation fake_bottle
@@ -141,8 +140,7 @@ RSpec.describe Homebrew::Attestation do
 expect(Utils).to receive(:safe_popen_read)
 .with(fake_gh, "attestation", "verify", cached_download, "--repo",
- described_class::BACKFILL_REPO, "--format", "json", "--cert-identity",
- described_class::BACKFILL_REPO_CI_URI)
+ described_class::BACKFILL_REPO, "--format", "json")
 .and_return(fake_json_resp_too_new)
 expect do