Is it safe to assume that you are using Apache? I used Nginx, so I’m not sure how this works for Apache, but the nginx process is run by a user called nginx. Its home directory is /var/cache/nginx. I noticed that you list your home (i.e. www-data’s home) as “/var/www/”; you should double check if that’s www-data’s true home directory (isn’t that Apache’s default webroot?). If it’s not, I think moving the keys around to the true home directory should suffice.
Oh boy, I’m stumped. I can’t really think of anything other than a possible typo. If it’s not that, maybe try renaming the keys? Perhaps there are default settings in the different php files that test for the existence of the default keys. But that would seem unlikely, since I would expect the healthcheck to warn against the use of default keys vs. what I’m saying.
I also had problems with this and what I remember doing was simply moving the files created under the /root/.gnupg directory (I generated the keys as root) to /var/cache/nginx/.gnupg and modifying the values in the app.php file. Needless to say, I changed permissions accordingly. I’m sorry I can’t be of much help