Reputation: 483
Why is the GnuPG-sign checkbox disabled in SourceTree?
Using Mac OS X Yosemite (10.10), I cannot active GnuPG-signing of commits in SourceTree, as the checkbox is disabled. How can I enable commit-signing?
Upvotes: 41
Views: 9288
Answers (4)
Reputation: 2644
You likely aren't pointing the GPG Program setting (found in SourceTree -> Preferences -> Advanced) at the right bin. If you're using GPGTools on OS X, it should be /usr/local/MacGPG2/bin. To navigate to the /usr/bin directory in the Open File dialog, click shift + command + g
If you installed gnupg with Homebrew, see @chakming`s answer in the comments below.
Upvotes: 57
Reputation: 28818
To set up Sourcetree to sign with GPG:
- Install gnupg:
brew install gnupg- I found that gnupg was installed in
/opt/homebrew/Cellar/gnupg/2.3.6/bin(note2.3.6might be different for you, and /opt/homebrew is for ARM macs, brew installs to/usr/local/binon intel macs)
- I found that gnupg was installed in
- Ran
ln -s gpg gpg2(as per a comment in another answer) - Went into Sourcetree preferences (Command + , > Advanced > GPG Program)
- Pressed Shift + Command + G and pasted the path from earlier:
/opt/homebrew/Cellar/gnupg/2.3.6/bin.
- Pressed Shift + Command + G and pasted the path from earlier:
In SourceTree mac menubar > Repository > Repository settings > Security tab, enabled the checkbox: enable GPG key signing for commits
Upvotes: 1
Reputation:
Although techpeace's answer seems to have resolved it for BJ Myers, there is also another possible reason for the option to remain greyed out despite correcting the setting.
If your keyring has been around for a while (close to 20 years in my case), chances are that some debris has piled up in one corner or another of the trust database. The tricky bit is that in most cases this doesn't show up in obvious ways, i.e. you can still sign, verify, encrypt, and decrypt stuff just fine. It's just that spurious keyid_from_fingerprint: no pubkey or public key of ultimately trusted key 00000000 not found that shows up from time to time (typically when using some keyring management front-end).
And this trustdb inconsistency was what prevented SourceTree from enabling the commit signing options in my case.
The solution is straightforward; simply follow Spike's instructions for weeding out 00000000 keys from the trustdb. Spike talks about one 00000000 entry, but in my case there were several. Just remove them all. Takes less than 5 minutes, and works like a charm.
Upvotes: 1
Reputation: 2887
Since SourceTree version 1.8.1, that checkbox will also be disabled if you had no GPG key when SourceTree was started. Creating your first GPG key while SourceTree is still running won't help. You will need to restart SourceTree in order for it to notice that you now have GPG keys.
Ref: https://jira.atlassian.com/browse/SRCTREE-1835
Upvotes: 7
Related Questions
- Git GPG signing fails without a clear message
- How to disable git gpg signing
- Sign git commits with GPG
- Why commits by github don't show 'verified' (signed commits)?
- Commit signing using sourcetree on windows
- github: PGP key usage flags do not allow signing
- What "Everyone Must Sign" in Git SCM book about Sign mean?
- why does source tree look for gpg keys while I haven't configured for signing?
- Why do I have to kill gpg-agent to sign my commits?
- .gitattributes file not being respected by SourceTree