diff --git a/modules/jwtx/signingkey.go b/modules/jwtx/signingkey.go
index 55cc522f22..51622cd724 100644
--- a/modules/jwtx/signingkey.go
+++ b/modules/jwtx/signingkey.go
@@ -291,7 +291,7 @@ func CreateSigningKey(algorithm string, key any) (SigningKey, error) {
 func loadOrCreateAsymmetricKey(keyPath, algorithm string) (any, error) {
 	isExist, err := util.IsExist(keyPath)
 	if err != nil {
-		log.Fatal("Unable to check if %s exists. Error: %v", keyPath, err)
+		return nil, fmt.Errorf("Unable to check if %s exists. Error: %v", keyPath, err)
 	}
 	if !isExist {
 		err := func() error {
@@ -352,8 +352,7 @@ func loadOrCreateAsymmetricKey(keyPath, algorithm string) (any, error) {
 			return pem.Encode(f, privateKeyPEM)
 		}()
 		if err != nil {
-			log.Fatal("Error generating private key: %v", err)
-			return nil, err
+			return nil, fmt.Errorf("Error generating private key %s: %v", keyPath, err)
 		}
 	}
 
diff --git a/modules/jwtx/signingkey_test.go b/modules/jwtx/signingkey_test.go
index 6f5cc3f49d..0b81a03682 100644
--- a/modules/jwtx/signingkey_test.go
+++ b/modules/jwtx/signingkey_test.go
@@ -111,3 +111,9 @@ func TestLoadOrCreateAsymmetricKey(t *testing.T) {
 		assert.NotNil(t, parsedKey.(ed25519.PrivateKey))
 	})
 }
+
+func TestCannotCreatePrivateKey(t *testing.T) {
+	_, err := InitAsymmetricSigningKey("/dev/directory-does-not-exist-and-you-should-not-have-permission-to-create/privatekey.pem", "RS256")
+	require.Error(t, err)
+	require.ErrorContains(t, err, "Error generating private key")
+}