gpg skipped KEY No secret key error message when trying to sign a git commit on Windows 10

I followed instructions here: https://docs.github.com/en/authentication/managing-commit-signature-verification/generating-a-new-gpg-key

I did not include a comment, only my name and email, which match my GitHub account.

Then, I set my git config to the following:

[user]
    name = First Last
    email = [email protected]
    signingkey = ABCDMYKEY12345
[commit]
    gpgsign = true
[gpg]
    program = C:\\Program Files (x86)\\GnuPG\\bin\\gpg.exe

gpg --version returns

$ gpg --version
gpg (GnuPG) 2.2.29-unknown
libgcrypt 1.9.3-unknown

I've run the commit with GIT_TRACE=1, which returned:

$ GIT_TRACE=1 git commit --allow-empty -m "signing"
09:30:10.094197 exec-cmd.c:237          trace: resolved executable dir: C:/Program Files/Git/mingw64/bin
09:30:10.102197 git.c:455               trace: built-in: git commit --allow-empty -m signing
09:30:10.126235 run-command.c:666       trace: run_command: 'C:\Program Files (x86)\GnuPG\bin\gpg.exe' -bsau ABCDMYKEY12345
gpg: skipped "ABCDMYKEY12345": No secret key
gpg: signing failed: No secret key
error: gpg failed to sign the data
fatal: failed to write commit object

I've triple-checked for typos. This does not seem like a duplicate of 'gpg: skipped "XXBDXX4E": secret key not available. gpg: signing failed: secret key not available' because my gpg program is correctly set.

I've seen this question: "Git doesn't see gpg key as secret, even though it is, how do I fix it?"

But I don't understand the gpg2 thing. My gpg version is 2. Why do I need another gpg2 program? Besides, where do I get gpg2 from? Is it supposed to come with Git?

Anselm answered 10/6, 2022 at 13:50 Comment(5)
GPG tells you your key ABCDMYKEY12345 does not have a secret key. I think it would be easier to help you if you show how you created that key. - Willms
I followed the instructions linked exactly. - Anselm
The link might be dead in 4 years when someone hits the same problem as you ;) Always including the relevant info in your questions is a good practice. - Willms
Ok, sure. But it's visible right now. - Anselm
There was some recent (albeit brief) discussion on the Git mailing list about Git being rather fragile in terms of the way Git runs the signing program: what's expected to be a flag, what's expected to be in stdin, stdout, particular files, which argument(s) to use, and so on. It appears that right now, Git and its-own-variant-of-GPG are very closely coupled and cannot be split up. - Lachman

I changed my gpg.program in git config to point at Git's gpg, which on my computer was located at C:/Program Files/Git/usr/bin/gpg.exe

Anselm answered 10/6, 2022 at 15:55 Comment(0)

For me the step-by-step solution would be:

git config --global gpg.program "C:/Program Files/Git/usr/bin/gpg.exe"

gpg --full-generate-key

Follow the instructions on generating the key

Copy the key

git config --global user.signingkey 8DCAD9B************
Persson answered 21/12, 2023 at 7:57 Comment(1)
git config --global user.signingkey 8DCAD9B************ Solved the issue for me, thanks!! - Selfless
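
Both answers point gpg.program at the gpg that ships with Git; that matters because two GnuPG installs on one machine can use different home directories, so a key created with one is not visible to the other. As an added example (not code from the question or answers), this Git Bash script asks each gpg binary whether it holds a usable secret key for the configured ID by parsing gpg's `--with-colons` listing. The sample listing and its key IDs are constructed; the two paths in the usage comment are the ones quoted on this page.

```shell
#!/usr/bin/env bash
# Added example, not from the original posts. Intended for Git Bash.

# Succeeds if the `gpg --list-secret-keys --with-colons` output on stdin holds
# a usable secret key whose key ID or fingerprint ends with the given ID.
has_secret_key() {
    local want=${1#0[xX]}                 # accept 0x-prefixed IDs
    want=$(printf '%s' "${want%!}" | tr '[:lower:]' '[:upper:]')
    [ -n "$want" ] || return 2
    awk -F: -v want="$want" '
        function ends_with(id) {
            return length(id) >= length(want) &&
                   substr(id, length(id) - length(want) + 1) == want
        }
        # Field 15 is "#" when only a stub is present (secret part missing).
        $1 == "sec" || $1 == "ssb" { usable = ($15 != "#")
                                     if (usable && ends_with($5)) found = 1 }
        $1 == "fpr"                { if (usable && ends_with($10)) found = 1 }
        END { exit(found ? 0 : 1) }'
}

# Ask each candidate gpg binary whether its own keyring can sign with KEY.
check_gpg_programs() {
    local key=$1 prog home; shift
    for prog in "$@"; do
        if [ ! -x "$prog" ]; then echo "missing : $prog"; continue; fi
        home=$("$prog" --version 2>/dev/null | sed -n 's/^Home: //p')
        if "$prog" --list-secret-keys --with-colons 2>/dev/null | has_secret_key "$key"
        then echo "has key : $prog (home: $home)"
        else echo "no key  : $prog (home: $home)"
        fi
    done
}

# Constructed listing: a usable primary key plus a stub-only subkey.
SAMPLE_LISTING='sec:u:4096:1:AAAABBBBCCCCDDDD:1665064800:::u:::scESC:::+:::23::0:
fpr:::::::::0123456789ABCDEF01234567AAAABBBBCCCCDDDD:
uid:u::::1665064800::::First Last <first.last@example.invalid>::::::::::0:
ssb:u:4096:1:1111222233334444:1665064800::::::e:::#:::23:
fpr:::::::::FEDCBA9876543210FEDCBA981111222233334444:'
printf '%s\n' "$SAMPLE_LISTING" | has_secret_key 0xccccdddd && echo "sample: key usable"

# Real use, from Git Bash:
# check_gpg_programs "$(git config user.signingkey)" \
#     "C:/Program Files (x86)/GnuPG/bin/gpg.exe" "C:/Program Files/Git/usr/bin/gpg.exe"
```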
