I'm having some trouble setting up GPG commit signing with github after performing a windows reinstall.
When commiting, GPG signing fails returning this error:
gpg: skipped "993E2EFC8503C42F": No secret key
gpg: signing failed: No secret key
error: gpg failed to sign the data
fatal: failed to write commit object
Everything I have googled about this issue all point to setting gpg.program to the location of the GnuPG gpg executable ("C:\Program Files (x86)\GnuPG\bin\gpg.exe") Which sadly, has not solved my issue.
Performing gpg --list-secret-keys --keyid-format=long in git bash returns my gpg keys, however performing the same command in powershell or cmd, does not, which i believe might be my issue, although i dont know how to go about fixing this.
git config --global user.name "name..." and git config --global user.email "email"git config --global user.signingkey to my gpg keygit config --global gpg.program to "C:\Program Files (x86)\GnuPG\bin\gpg.exe" as described by various other online tutorials and answersgit config --global commit.gpgsign to trueSuccessfully submit a verified commit
I've managed to figure it out!
I'm ultimately not quite sure what the issue was specifically, however, after uninstalling GPG4Win and Git, then only reinstalling Git and going through the GPG setup process, I'm now able to perform verified commits. this is using Gits bundled GPG program and no other GPG related installation.
not sure if this will help anyone else, but if you're on windows having this issue, try running through the gpg setup process WITHOUT GPG4Win installed and just use gits bundled GPG executable.
remember to set commit.gpgsign to true and tell git your signing key like so git config --global user.signingkey "your key id" if you only want to set the signing key for specific project you can cd to the project directory and run the same command WITHOUT the --global tag.