This example creates a GPG signing key for use on Windows
See https://github.com/microsoft/vscode/wiki/Commit-Signing
- Install git https://git-scm.com/
- Install gpg4win https://www.gpg4win.org/ gpg4win-4.1.0.exe
- Tell git where to find gpg
git config --global gpg.program "C:/Program Files (x86)/GnuPG/bin/gpg.exe"
Microsoft Windows [Version 10.0.19041.2788]
(c) Microsoft Corporation. All rights reserved.
C:\Users\DrFaux>gpg --full-generate-key
gpg: keybox 'C:\\Users\\DrFaux\\AppData\\Roaming\\gnupg\\pubring.kbx' created
gpg (GnuPG) 2.4.0; Copyright (C) 2021 g10 Code GmbH
--SNIP--
gpg: C:\\Users\\DrFaux\\AppData\\Roaming\\gnupg\\trustdb.gpg: trustdb created
gpg: directory 'C:\\Users\\DrFaux\\AppData\\Roaming\\gnupg\\openpgp-revocs.d' created
gpg: revocation certificate stored as 'C:\\Users\\DrFaux\\AppData\\Roaming\\gnupg\\openpgp-revocs.d\\48EF12CF9F75CAA8C26FD595C83F936838F657A2.rev'
public and secret key created and signed.
pub rsa4096 2023-04-11 [SC]
48EF12CF9F75CAA8C26FD595C83F936838F657A2
uid Dr Faux <drfaux@contoso.com>
sub rsa4096 2023-04-11 [E]
C:\Users\DrFaux>gpg --list-secret-keys --keyid-format=long
gpg: checking the trustdb
gpg: marginals needed: 3 completes needed: 1 trust model: pgp
gpg: depth: 0 valid: 1 signed: 0 trust: 0-, 0q, 0n, 0m, 0f, 1u
C:\Users\DrFaux\AppData\Roaming\gnupg\pubring.kbx
-------------------------------------------------------------
sec rsa4096/C83F936838F657A2 2023-04-11 [SC]
48EF12CF9F75CAA8C26FD595C83F936838F657A2
uid [ultimate] Dr Faux <drfaux@contoso.com>
ssb rsa4096/BB43E1CBEFED9A1C 2023-04-11 [E]
C:\Users\DrFaux>git init gpg-helper
Initialized empty Git repository in C:/Users/DrFaux/gpg-helper/.git/
C:\Users\DrFaux>cd gpg-helper
C:\Users\DrFaux\gpg-helper>git config --global user.email "drfaux@contoso.com"
C:\Users\DrFaux\gpg-helper>git config --global user.name "Dr Faux"
C:\Users\DrFaux\gpg-helper>git config --global user.signingkey C83F936838F657A2
C:\Users\DrFaux\gpg-helper>git config --global commit.gpgsign true
C:\Users\DrFaux\gpg-helper>echo "" > me
C:\Users\DrFaux\gpg-helper>git add me
C:\Users\DrFaux\gpg-helper>git commit -m 'foo'
gpg: directory '/c/Users/DrFaux/.gnupg' created
gpg: keybox '/c/Users/DrFaux/.gnupg/pubring.kbx' created
gpg: skipped "C83F936838F657A2": No secret key
gpg: signing failed: No secret key
error: gpg failed to sign the data
fatal: failed to write commit object
C:\Users\DrFaux>where gpg
C:\Program Files (x86)\GnuPG\bin\gpg.exe
C:\Users\DrFaux\gpg-helper>git config --global gpg.program "C:/Program Files (x86)/GnuPG/bin/gpg.exe"
C:\Users\DrFaux\gpg-helper>git commit -m 'bar'
-------- INSERT PASSPHRASE POP-UP --------
[master (root-commit) a181197] 'bar'
1 file changed, 1 insertion(+)
create mode 100644 me
C:\Users\DrFaux\gpg-helper>
.