diff --git a/CHANGELOG.md b/CHANGELOG.md
index bacd90c3ee..ace92cae62 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,4 +1,5 @@
 ### HEAD
+* Fix #1285 - Improve handling of WP-CLI failed verification ([#1295](https://github.com/roots/trellis/pull/1295))
 * Fix #1284 - Update logrotate postrotate Nginx command ([#1293](https://github.com/roots/trellis/pull/1293))
 * Replace php-gd with php-imagick ([#1292](https://github.com/roots/trellis/pull/1292))
 * Improve handling of PHP versions and support PHP 8.0 (default is still 7.4) ([#1284](https://github.com/roots/trellis/pull/1284))
diff --git a/roles/wp-cli/tasks/main.yml b/roles/wp-cli/tasks/main.yml
index 21494865dc..dab02c6ea8 100644
--- a/roles/wp-cli/tasks/main.yml
+++ b/roles/wp-cli/tasks/main.yml
@@ -21,9 +21,22 @@
     dest: /tmp/wp-cli.pgp.gpg
     mode: '0744'
 
-- name: Verify WP-CLI Phar Signature
-  command: gpg2 --lock-never --no-default-keyring --keyring /tmp/wp-cli.pgp.gpg --verify /tmp/wp-cli-{{ wp_cli_version }}.phar.asc /tmp/wp-cli-{{ wp_cli_version }}.phar
-  changed_when: false
+- name: Verify WP-CLI
+  block:
+    - name: Check GPG signature
+      command: gpg2 --lock-never --no-default-keyring --keyring /tmp/wp-cli.pgp.gpg --verify /tmp/wp-cli-{{ wp_cli_version }}.phar.asc /tmp/wp-cli-{{ wp_cli_version }}.phar
+      changed_when: false
+  rescue:
+    - name: Delete invalid WP-CLI Phar file
+      file:
+        path: "{{ item }}"
+        state: absent
+      with_items:
+        - "/tmp/wp-cli-{{ wp_cli_version }}.phar"
+        - "/tmp/wp-cli-{{ wp_cli_version }}.phar.asc"
+    - name: Fail verification
+      fail:
+        msg: "WP-CLI Phar signature could not be verified. Please try again."
 
 - name: Install WP-CLI
   command: rsync -c --chmod=0755 --info=name /tmp/wp-cli-{{ wp_cli_version }}.phar {{ wp_cli_bin_path }}