diff --git a/bin/tests/system/Makefile.am b/bin/tests/system/Makefile.am
index 79450fb99c..266b49985b 100644
--- a/bin/tests/system/Makefile.am
+++ b/bin/tests/system/Makefile.am
@@ -101,6 +101,7 @@ TESTS +=			\
 	dns64			\
 	dscp			\
 	dsdigest		\
+	dupsigs			\
 	dyndb			\
 	ecdsa			\
 	eddsa			\
@@ -162,10 +163,6 @@ TESTS +=			\
 	xferquota		\
 	zonechecks
 
-# The "dupsigs" test is not run by default because it takes
-# a very long time to complete.
-# TESTS += dupsigs
-
 if HAVE_LMDB
 TESTS += nzd2nzf
 endif # HAVE_LMDB
diff --git a/bin/tests/system/conf.sh.common b/bin/tests/system/conf.sh.common
index dbb8490885..3f6381703c 100644
--- a/bin/tests/system/conf.sh.common
+++ b/bin/tests/system/conf.sh.common
@@ -26,8 +26,6 @@ export LANG=C
 #
 # Common lists of system tests to run.
 #
-# The "dupsigs" test is not run by default because it takes
-# a very long time to complete.
 
 #
 # These tests can use ports assigned by the caller (other than 5300
@@ -41,7 +39,10 @@ export LANG=C
 # rpzrecurse are scheduled first, in order to get more benefit from
 # parallelism.
 #
-PARALLEL_COMMON="rpzrecurse serve-stale
+PARALLEL_COMMON="
+rpzrecurse
+serve-stale
+dupsigs
 acl
 additional
 addzone
diff --git a/bin/tests/system/dupsigs/check_journal.pl b/bin/tests/system/dupsigs/check_journal.pl
index 99bf6907e8..074743205c 100644
--- a/bin/tests/system/dupsigs/check_journal.pl
+++ b/bin/tests/system/dupsigs/check_journal.pl
@@ -197,11 +197,6 @@ if( @changeset ) {
             if( $n_signing_keys == 0 ) {
                 print "at serial $newserial $rrsig_id went unsigned\n";
             }
-            elsif( $rrsig_id =~ /:DNSKEY$/ ) {
-                if( $n_signing_keys != 2 ) {
-                    print "at serial $newserial $rrsig_id was signed $n_signing_keys time(s) when it should have been signed twice\n";
-                }
-            }
             elsif( $n_signing_keys > 1 ) {
                 my @signing_keys = sort { $a <=> $b } keys %{ $rrsig_db{$rrsig_id} };
                 print "at serial $newserial $rrsig_id was signed too many times, keys (@signing_keys)\n";
diff --git a/bin/tests/system/dupsigs/clean.sh b/bin/tests/system/dupsigs/clean.sh
index 9db0799490..68ddace99e 100644
--- a/bin/tests/system/dupsigs/clean.sh
+++ b/bin/tests/system/dupsigs/clean.sh
@@ -9,6 +9,7 @@
 # See the COPYRIGHT file distributed with this work for additional
 # information regarding copyright ownership.
 
+rm -f dig.out*
 rm -f ns1/named.conf
 rm -f ns1/named.lock
 rm -f ns1/named.memstats
diff --git a/bin/tests/system/dupsigs/ns1/named.conf.in b/bin/tests/system/dupsigs/ns1/named.conf.in
index c5ade8bf8e..494ecfb9e3 100644
--- a/bin/tests/system/dupsigs/ns1/named.conf.in
+++ b/bin/tests/system/dupsigs/ns1/named.conf.in
@@ -29,5 +29,5 @@ zone "signing.test" {
 	key-directory "keys/signing.test";
 	inline-signing yes;
 	auto-dnssec maintain;
-	sig-validity-interval 120 30;
+	sig-validity-interval 20 5;
 };
diff --git a/bin/tests/system/dupsigs/ns1/reset_keys.sh b/bin/tests/system/dupsigs/ns1/reset_keys.sh
index 28b1191b29..cc9bef78f5 100644
--- a/bin/tests/system/dupsigs/ns1/reset_keys.sh
+++ b/bin/tests/system/dupsigs/ns1/reset_keys.sh
@@ -11,7 +11,7 @@
 # See the COPYRIGHT file distributed with this work for additional
 # information regarding copyright ownership.
 
-. ../conf.sh
+. ../../conf.sh
 
 zone=signing.test
 rm -rf keys/signing.test
@@ -52,14 +52,14 @@ $SETTIME -P $BASET -A $BASET $KEYDIR/$KSK
 $SETTIME -P $BASET -A $BASET $KEYDIR/$ZSK0
 
 # schedule the first roll
-R1=`expr $BASE + 300`
+R1=`expr $BASE + 50`
 R1T=`timetodnssec $R1`
 
 $SETTIME -I $R1T $KEYDIR/$ZSK0
 $SETTIME -P $BASET -A $R1T $KEYDIR/$ZSK1
 
 # schedule the second roll (which includes the delete of the first key)
-R2=`expr $R1 + 300`
+R2=`expr $R1 + 50`
 R2T=`timetodnssec $R2`
 DT=$R2
 DTT=`timetodnssec $DT`
@@ -69,8 +69,7 @@ $SETTIME -I $R2T $KEYDIR/$ZSK1
 $SETTIME -P $R1T -A $R2T $KEYDIR/$ZSK2
 
 # schedule the third roll
-# this isn't long enough for the signing to complete
-R3=`expr $R2 + 60`
+R3=`expr $R2 + 25`
 R3T=`timetodnssec $R3`
 
 $SETTIME -D $R3T $KEYDIR/$ZSK1
@@ -89,8 +88,10 @@ echo ZSK4=$ZSK4
 exit
 
 # schedule the fourth roll
-# this isn't long enough for the signing to complete
-R4=`expr $R3 + 30`
+# this isn't long enough for the signing to complete and would result in
+# duplicate signatures, see
+# https://gitlab.isc.org/isc-projects/bind9/-/merge_requests/231#note_9597
+R4=`expr $R3 + 10`
 R4T=`timetodnssec $R4`
 
 $SETTIME -D $R4T $KEYDIR/$ZSK2
diff --git a/bin/tests/system/dupsigs/ns1/signing.test.db.in b/bin/tests/system/dupsigs/ns1/signing.test.db.in
index f4c6643533..b522b6f0ef 100644
--- a/bin/tests/system/dupsigs/ns1/signing.test.db.in
+++ b/bin/tests/system/dupsigs/ns1/signing.test.db.in
@@ -15,4 +15,4 @@ $TTL 3600
 ns   A    127.0.0.1
 ns   AAAA ::1
 
-$GENERATE 0-1999 a${0,4,d} AAAA ::$
+$GENERATE 0-499 a${0,4,d} AAAA ::$
diff --git a/bin/tests/system/dupsigs/tests.sh b/bin/tests/system/dupsigs/tests.sh
index 731a3193b3..2901fede3b 100644
--- a/bin/tests/system/dupsigs/tests.sh
+++ b/bin/tests/system/dupsigs/tests.sh
@@ -13,8 +13,9 @@
 
 status=0
 start=`date +%s`
-end=`expr $start + 1200`
-now=$start
+end=`expr $start + 150`
+sleep 10  # wait for a bit for the initial signing
+now=`expr $start + 10`
 while test $now -lt $end
 do
 	et=`expr $now - $start`
@@ -23,12 +24,12 @@ do
 	$DIG axfr signing.test -p ${PORT} @10.53.0.1 > dig.out.at$et
 	awk '$4 == "RRSIG" { print $11 }' dig.out.at$et | sort | uniq -c
 	lines=`awk '$4 == "RRSIG" { print}' dig.out.at$et | wc -l`
-	if [ ${et} -ne 0 -a ${lines} -ne 4009 ]
+	if [ ${et} -ne 0 -a ${lines} -ne 1008 ]
 	then
 		echo_i "failed"
 		status=`expr $status + 1`
 	fi
-	sleep 20
+	sleep 5
 	now=`date +%s`
 done