Why is the GnuPG-sign checkbox disabled in SourceTree?

Asked 2/11, 2014 at 8:16 Answered 5/7, 2022 at 9:29

Example screenshot

Using Mac OS X Yosemite (10.10), I cannot active GnuPG-signing of commits in SourceTree, as the checkbox is disabled. How can I enable commit-signing?

Obliquity answered 2/11, 2014 at 8:16 Comment(0)

You likely aren't pointing the GPG Program setting (found in SourceTree -> Preferences -> Advanced) at the right bin. If you're using GPGTools on OS X, it should be /usr/local/MacGPG2/bin. To navigate to the /usr/bin directory in the Open File dialog, click shift + command + g

If you installed gnupg with Homebrew, see @chakming`s answer in the comments below.

Wanwand answered 21/11, 2014 at 20:5 Comment(9)

To clarify, the GPG Program: should point to MacGPGs's bin directory and not the gpg binary itself – Bolshevist 7/4, 2016 at 10:7

I installed gpg2 with homebrew and have it set in my git config (git config --global gpg.program gpg2). In SourceTree I have to specify /usr/local/bin in the GPG Program field. – Thereabout 27/7, 2017 at 19:18

for anyone using OSX and brew install gnupg, try to locate gng by ls -la /usr/local/bin/gpg and you will see the version: ../Cellar/gnupg/2.2.6/bin/, then open terminal and go /usr/local/Cellar/gnupg/2.2.6/bin/, then create a shortcut by ln -s gpg gpg2. Go to SourceTree -> Preferences and use /usr/local/Cellar/gnupg/2.2.6/bin as you GPG Program location then everything works fine – Bili 16/4, 2018 at 8:50

In SourceTree 2.7.1, this setting is in SourceTree > Preferences > Advanced tab. – Auscultation 14/5, 2018 at 15:11

I cannot add free text like the screen shot ... anyone else having that issues ? I use mojave OXS – Wingspan 3/4, 2019 at 20:13

@Wingspan I updated the answer showing the correct procedure for the latest version. – Wanwand 3/4, 2019 at 22:31

The only this I'd add to @Bili 's answer, is that you can get the path to the gpg binary you are using with which gpg. Thanks! – Variegate 23/12, 2019 at 13:26

Just wanted to say that @chakming's answer was the only way that solved this. Additionally, you don't need to create the shortcut in the versioned folder, you can create the link in the usr/local/bin directory: ln -s /usr/local/bin/gpg /usr/local/bin/gpg2 – Mccorkle 10/6, 2021 at 11:29

To solve this in SourceTree 4.2.5, I initially switched to use the system git and not the embedded git since sourcetree was looking for gpg2. That didn't work. I switched back to use the embedded git and made a symlink as commented before: n -s gpg gpg2. That worked. – Umiak 2/12, 2023 at 23:55

Since SourceTree version 1.8.1, that checkbox will also be disabled if you had no GPG key when SourceTree was started. Creating your first GPG key while SourceTree is still running won't help. You will need to restart SourceTree in order for it to notice that you now have GPG keys.

Ref: https://jira.atlassian.com/browse/SRCTREE-1835

Fulton answered 8/4, 2016 at 14:38 Comment(2)

I have restarted but still the same – Delinquency 7/5, 2018 at 12:16

Thanks, this was my problem – Blubbery 8/11, 2021 at 12:9

Although techpeace's answer seems to have resolved it for BJ Myers, there is also another possible reason for the option to remain greyed out despite correcting the setting.

If your keyring has been around for a while (close to 20 years in my case), chances are that some debris has piled up in one corner or another of the trust database. The tricky bit is that in most cases this doesn't show up in obvious ways, i.e. you can still sign, verify, encrypt, and decrypt stuff just fine. It's just that spurious keyid_from_fingerprint: no pubkey or public key of ultimately trusted key 00000000 not found that shows up from time to time (typically when using some keyring management front-end).

And this trustdb inconsistency was what prevented SourceTree from enabling the commit signing options in my case.

The solution is straightforward; simply follow Spike's instructions for weeding out 00000000 keys from the trustdb. Spike talks about one 00000000 entry, but in my case there were several. Just remove them all. Takes less than 5 minutes, and works like a charm.

Howlett answered 9/6, 2016 at 23:39 Comment(0)

To set up Sourcetree to sign with GPG:

Install gnupg: brew install gnupg
- I found that gnupg was installed in /opt/homebrew/Cellar/gnupg/2.3.6/bin (note 2.3.6 might be different for you, and /opt/homebrew is for ARM macs, brew installs to /usr/local/bin on intel macs)
Ran ln -s gpg gpg2 (as per a comment in another answer)
Went into Sourcetree preferences (Command + , > Advanced > GPG Program)
- Pressed Shift + Command + G and pasted the path from earlier: /opt/homebrew/Cellar/gnupg/2.3.6/bin.

In SourceTree mac menubar > Repository > Repository settings > Security tab, enabled the checkbox: enable GPG key signing for commits

Amyotonia answered 5/7, 2022 at 9:29 Comment(0)

To set up Sourcetree to sign with GPG:

Recommended topics

Hot tags