Skip to content

Instantly share code, notes, and snippets.

@clauswrm

clauswrm/how_to_sign_commits_with_gpg_in_intellij_idea_on_windows.md

Created April 18, 2018 14:38
Show Gist options
  • Save clauswrm/303b6fef9b3792a4d148e704a4bcbfc7 to your computer and use it in GitHub Desktop.
Save clauswrm/303b6fef9b3792a4d148e704a4bcbfc7 to your computer and use it in GitHub Desktop.
Download ZIP
Steps to enable signing commits with GPG in IntelliJ IDEA on Windows
Raw
how_to_sign_commits_with_gpg_in_intellij_idea_on_windows.md

How to sign commits with GPG in IntelliJ IDEA on Windows

If anyone is having trouble commiting and pushing signed commits in IntelliJ IDEA (or any other JetBrains IDE) like me, here are the steps:

This guide assumes that you have generated a GPG key added it to your GitHub account.

Signing commits in IntelliJ

  1. Let Git use the pin entry app which comes with gpg4win:

$ git config --global gpg.program "c:/Program Files (x86)/GnuPG/bin/gpg.exe"

The location of gpg.exe might be slightly different on your system.

  1. Tell Git to sign your commits:

$ git config --global commit.gpgsign true

Omit --global if you only want to sign commits for the given repo.

  1. Add your key to Git by first listing your key:
$ gpg --list-keys
C:/Users/User/AppData/Roaming/gnupg/pubring.kbx
   ------------------------------------------------
   pub   rsa4096 2018-04-11 [SCA]
         123456789999999999ABCDEFABCDEF1234567890
   uid           [ultimate] Claus Martinsen <clauswrm@gmail.com>
   sub   rsa4096 2018-04-11 [E]
  1. And linking the key to your Git user:

$ git config --global user.signingkey 123456789999999999ABCDEFABCDEF1234567890

  1. Try commiting from IntelliJ and you will be prompted to to write the GPG-key password.

Pushing signed commits in IntelliJ

When pushing in IntelliJ you should now be propted with a GitHub login screen. If this fails like it did for me, with an error similar to this:

fatal: HttpRequestException encountered.
   An error occurred while sending the request.
Username for 'https://github.com':

...here is how to fix it:

  1. Download the latest version of Git Windows Credentials Manager.

  2. Restart your machine.

  3. Try pushing from IntelliJ and you will be prompted to login again.

Testing

Open the terminal in IntelliJ and type:

$ git log <yourLastCommitHash> --show-signature -1

...where <yourLastCommitHash> should be replaced by the hash of the signed commit. The output should look something like this:

commit 45cf201ac7ff8acc06916184c4e2322cdfa05467
gpg: Signature made 04/17/18 21:20:20 West Europe Summer Time
gpg:                using RSA key 1234567890ABCDEF123456789
gpg: Good signature from "User Name <username@email.com>" [ultimate]
Author: User Name <username@email.com>
Date:   Tue Apr 17 21:20:20 2018 +0200

After you have pushed your signed commit, navigate to your repo/commits/branch on GitHub and verify that the commit has a verified badge.

Resources

These resources helped me along the way and is what I based this document on:

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment