Github commit signing not working #191529
-
Discussion TypeQuestion Discussion ContentHello, I looked at this page but unfortunately it doesn't work. The commits don't seem to be signed. When creating a PR, I get this error: I checked the required signature for commits: Thank you very much in advance for any help |
Beta Was this translation helpful? Give feedback.
Replies: 5 comments 1 reply
-
|
Hi @BigfootN , The error means your commits aren't being signed with a verified GPG or SSH key. Here's how to fix it: Step 1 β Generate a GPG key (if you don't have one): Step 2 β Get your GPG key ID: gpg --list-secret-keys --keyid-format=long Step 3 β Add GPG key to GitHub: Run gpg --armor --export YOUR_KEY_ID, copy the output, and add it at GitHub β Settings β SSH and GPG keys β New GPG key Step 4 β Tell Git to use it: git config --global user.signingkey YOUR_KEY_ID Step 5 β Recommit your changes: git commit --amend --no-edit -S After this, your commits will show a β "Verified" badge and the PR merge block will be lifted. Hope this helps! |
Beta Was this translation helpful? Give feedback.
-
|
I had same problem but here's how u can fix it...
Well lemme know if you'll done w ts.. |
Beta Was this translation helpful? Give feedback.
-
GitHub Commit Signing Not WorkingHi @BigfootN, Your commits arenβt signed. To fix:
gpg --full-generate-key
Use RSA 4096 bits and your GitHub email.
Get your key ID:
gpg --list-secret-keys --keyid-format=long
Add the key to GitHub:
gpg --armor --export YOUR_KEY_ID
Go to GitHub β Settings β SSH and GPG keys β New GPG key and paste it.
Configure Git:
git config --global user.signingkey YOUR_KEY_ID
git config --global commit.gpgsign true
Sign existing commit:
git commit --amend --no-edit -S
git push --force
Make sure your commit email matches your GitHub account. β
If you want, I can also make **all your previous GitHub discussion answers |
Beta Was this translation helpful? Give feedback.
-
|
Hello, Thank you for all your help. Here is the output of I added my gpg key into my account ( I executed these commands: I commited with: But, unfortunately, I still get the error. Thank you very much in advance for any help. |
Beta Was this translation helpful? Give feedback.
-
|
Youβve already done the signing-key part correctly, so Iβd look at the commit identity next. The key itself seems fine. The usual problem at this point is that Git is creating commits with a different email than the one in the GPG UID: So Iβd check these first: git config --global user.email If that email is not exactly Iβd also set the short key ID just to keep it simple: git config --global user.signingkey B3743656D19D4963 Then check whether the latest commit is actually signed locally: git log --show-signature -1 If the PR commits were created before signing was enabled, theyβll still be unsigned, so you need to recreate them: git commit --amend --no-edit -S If there are multiple commits in the PR, all of them need to be signed. Also, the typo in the UID name ( |
Beta Was this translation helpful? Give feedback.
-
|
Thank you. The problem was due to the fact that the email wasn't the right one. Thank you. |
Beta Was this translation helpful? Give feedback.
-
Link
Youβve already done the signing-key part correctly, so Iβd look at the commit identity next.
The key itself seems fine. The usual problem at this point is that Git is creating commits with a different email than the one in the GPG UID:
rcoredump+git@proton.me
So Iβd check these first:
git config --global user.email
git config user.email
git log -1 --format='%ae / %ce'
If that email is not exactly
rcoredump+git@proton.me, GitHub wonβt verify it.Iβd also set the short key ID just to keep it simple:
git config --global user.signingkey B3743656D19D4963
git config --global user.email "rcoredump+git@proton.me"
git config --global commit.gpgsign true
Then check whether the latest commit is actuβ¦