diff --git a/util/config/validator.py b/util/config/validator.py
index 3c31ca056..40b4393e2 100644
--- a/util/config/validator.py
+++ b/util/config/validator.py
@@ -458,21 +458,26 @@ def _validate_signer(config, user_obj, _):
 
 def _validate_security_scanner(config, user_obj, _):
   """ Validates the configuration for talking to a Quay Security Scanner. """
+  client = app.config['HTTPCLIENT']
+  api = SecurityScannerAPI(app, config, None, client=client, skip_validation=True)
 
   if not config.get('TESTING', False):
     # Generate a temporary Quay key to use for signing the outgoing requests.
     setup_jwt_proxy()
 
-    # Wait a few seconds for the JWT proxy to startup.
-    time.sleep(2)
+  # We have to wait for JWT proxy to restart with the newly generated key.
+  max_tries = 5
+  response = None
+  while max_tries > 0:
+    response = api.ping()
+    if response.status_code == 200:
+      return
 
-  # Make a ping request to the security service.
-  client = app.config['HTTPCLIENT']
-  api = SecurityScannerAPI(app, config, None, client=client, skip_validation=True)
-  response = api.ping()
-  if response.status_code != 200:
-    message = 'Expected 200 status code, got %s: %s' % (response.status_code, response.text)
-    raise ConfigValidationException('Could not ping security scanner: %s' % message)
+    time.sleep(1)
+    max_tries = max_tries - 1
+
+  message = 'Expected 200 status code, got %s: %s' % (response.status_code, response.text)
+  raise ConfigValidationException('Could not ping security scanner: %s' % message)
 
 
 def _validate_bittorrent(config, user_obj, _):