diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/keyimport/WebKeyDirectoryClient.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/keyimport/WebKeyDirectoryClient.java
index e6df3cab9..66058aedf 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/keyimport/WebKeyDirectoryClient.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/keyimport/WebKeyDirectoryClient.java
@@ -94,7 +94,7 @@ public class WebKeyDirectoryClient implements KeyserverClient {
 
             Request request = new Request.Builder().url(url).build();
 
-            OkHttpClient client = OkHttpClientFactory.getClientPinnedIfAvailable(url, proxy);
+            OkHttpClient client = OkHttpClientFactory.getClientPinnedIfAvailableWithRedirects(url, proxy);
             Response response = client.newCall(request).execute();
 
             if (response.isSuccessful()) {
diff --git a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/network/OkHttpClientFactory.java b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/network/OkHttpClientFactory.java
index 1d2bdc6f5..507a9509c 100644
--- a/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/network/OkHttpClientFactory.java
+++ b/OpenKeychain/src/main/java/org/sufficientlysecure/keychain/network/OkHttpClientFactory.java
@@ -47,10 +47,18 @@ public class OkHttpClientFactory {
     }
 
     public static OkHttpClient getClientPinnedIfAvailable(URL url, Proxy proxy) {
+        // don't follow any redirects for keyservers, as discussed in the security audit
+        return getClientPinnedIfAvailable(url, proxy, false);
+    }
+
+    public static OkHttpClient getClientPinnedIfAvailableWithRedirects(URL url, Proxy proxy) {
+        return getClientPinnedIfAvailable(url, proxy, true);
+    }
+
+    private static OkHttpClient getClientPinnedIfAvailable(URL url, Proxy proxy, boolean followRedirects) {
         OkHttpClient.Builder builder = new OkHttpClient.Builder();
 
-        // don't follow any redirects for keyservers, as discussed in the security audit
-        builder.followRedirects(false)
+        builder.followRedirects(followRedirects)
                 .followSslRedirects(false);
 
         if (proxy != null) {