diff --git a/config/initializers/cookie_rotator.rb b/config/initializers/active_storage_message_and_cookie_rotator.rb
similarity index 64%
rename from config/initializers/cookie_rotator.rb
rename to config/initializers/active_storage_message_and_cookie_rotator.rb
index b82c9de1d..c6a97ab74 100644
--- a/config/initializers/cookie_rotator.rb
+++ b/config/initializers/active_storage_message_and_cookie_rotator.rb
@@ -1,3 +1,16 @@
+# This code was copied from:
+# https://github.com/hotwired/turbo-rails/blob/v1.4.0/UPGRADING.md#key-digest-changes-in-111
+# Removing this code will make ActiveStorage image URLs generated with Rails 6.1
+# or earlier inaccessible, causing images attached with CKEditor or linked from
+# somewhere else not to be rendered.
+Rails.application.config.after_initialize do |app|
+  key_generator = ActiveSupport::KeyGenerator.new(
+    app.secret_key_base, iterations: 1000, hash_digest_class: OpenSSL::Digest::SHA1
+  )
+
+  app.message_verifier("ActiveStorage").rotate(key_generator.generate_key("ActiveStorage"))
+end
+
 # This code was copied from:
 # https://guides.rubyonrails.org/v7.0/upgrading_ruby_on_rails.html#key-generator-digest-class-changing-to-use-sha256
 # TODO: safe to remove after upgrading to Rails 7.1 or releasing a new