diff --git a/Gemfile b/Gemfile
index e04a506a2cc8c823cf161e8f7af6c51b5133f40b..b6297d42a81b2bc4825d108a99989942c7a04b10 100644
--- a/Gemfile
+++ b/Gemfile
@@ -322,7 +322,7 @@ gem 'gon', '~> 6.4.0'
 gem 'request_store', '~> 1.5.1'
 gem 'base32', '~> 0.3.0'
 
-gem 'gitlab-license', '~> 2.2.1'
+gem 'gitlab-license', '~> 2.3'
 
 # Protect against bruteforcing
 gem 'rack-attack', '~> 6.6.1'
diff --git a/Gemfile.checksum b/Gemfile.checksum
index fb11e5ca0d92576f6cc702dc0e420bc1abe055ec..1f50f662d619bedf28fbee12849dbe2aec3fb183 100644
--- a/Gemfile.checksum
+++ b/Gemfile.checksum
@@ -214,7 +214,7 @@
 {"name":"gitlab-experiment","version":"0.7.1","platform":"ruby","checksum":"166dddb3aa83428bcaa93c35684ed01dc4d61f321fd2ae40b020806dc54a7824"},
 {"name":"gitlab-fog-azure-rm","version":"1.7.0","platform":"ruby","checksum":"969c67943c54ad4c259a6acd040493f13922fbdf2211bb4eca00e71505263dc2"},
 {"name":"gitlab-labkit","version":"0.33.0","platform":"ruby","checksum":"d1fba8d30fde314a3f5dee1921ac31860bed4fecd8aa98ac6671f2627479e05b"},
-{"name":"gitlab-license","version":"2.2.2","platform":"ruby","checksum":"2ccbc763828d013524b0b3b9ee671e58d5277693e5ffb2e5463cbac87e8aed1e"},
+{"name":"gitlab-license","version":"2.3.0","platform":"ruby","checksum":"60cae3871c46607dde58994faf761c6755adc61133a92e5ab59ab26a8b9b4157"},
 {"name":"gitlab-mail_room","version":"0.0.23","platform":"ruby","checksum":"23564fa4dab24ec5011d4c64a801fc0228301d5b0f046a26a1d8e96e36c19997"},
 {"name":"gitlab-markup","version":"1.9.0","platform":"ruby","checksum":"7eda045a08ec2d110084252fa13a8c9eac8bdac0e302035ca7db4b82bcbd7ed4"},
 {"name":"gitlab-net-dns","version":"0.9.2","platform":"ruby","checksum":"f726d978479d43810819f12a45c0906d775a07e34df111bbe693fffbbef3059d"},
diff --git a/Gemfile.lock b/Gemfile.lock
index c060d1739beff14daa8fdfa20e526bc070a49a55..42466e18f00a505cfa55fbdb49453e9ade36d4f8 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -610,7 +610,7 @@ GEM
       opentracing (~> 0.4)
       pg_query (~> 4.2.1)
       redis (> 3.0.0, < 6.0.0)
-    gitlab-license (2.2.2)
+    gitlab-license (2.3.0)
     gitlab-mail_room (0.0.23)
       jwt (>= 2.0)
       net-imap (>= 0.2.1)
@@ -1748,7 +1748,7 @@ DEPENDENCIES
   gitlab-experiment (~> 0.7.1)
   gitlab-fog-azure-rm (~> 1.7.0)
   gitlab-labkit (~> 0.33.0)
-  gitlab-license (~> 2.2.1)
+  gitlab-license (~> 2.3)
   gitlab-mail_room (~> 0.0.23)
   gitlab-markup (~> 1.9.0)
   gitlab-net-dns (~> 0.9.2)
diff --git a/config/initializers/0_license.rb b/config/initializers/0_license.rb
index c1a2048b28dc7d0083cce3b70e4116e44266d4f3..c6a09a2f76977c9f5279b94d6eb5b501e24da527 100644
--- a/config/initializers/0_license.rb
+++ b/config/initializers/0_license.rb
@@ -1,12 +1,23 @@
 # frozen_string_literal: true
 
 load_license = lambda do |dir:, license_name:|
-  prefix = ENV['GITLAB_LICENSE_MODE'] == 'test' ? 'test_' : ''
-  public_key_file = File.read(Rails.root.join(dir, ".#{prefix}license_encryption_key.pub"))
-  public_key = OpenSSL::PKey::RSA.new(public_key_file)
-  Gitlab::License.encryption_key = public_key
-rescue StandardError
-  warn "WARNING: No valid #{license_name} encryption key provided."
+  begin
+    public_key_file = File.read(Rails.root.join(dir, ".license_encryption_key.pub"))
+    public_key = OpenSSL::PKey::RSA.new(public_key_file)
+    Gitlab::License.encryption_key = public_key
+  rescue StandardError
+    warn "WARNING: No valid #{license_name} encryption key provided."
+  end
+
+  begin
+    if Rails.env.development? || Rails.env.test? || ENV['GITLAB_LICENSE_MODE'] == 'test'
+      fallback_key_file = File.read(Rails.root.join(dir, ".test_license_encryption_key.pub"))
+      fallback_key = OpenSSL::PKey::RSA.new(fallback_key_file)
+      Gitlab::License.fallback_decryption_keys = [fallback_key]
+    end
+  rescue StandardError
+    warn "WARNING: No fallback #{license_name} decryption key provided."
+  end
 end
 
 Gitlab.ee do