Get started

Knowledge base

Products

See all

Resources

Setup GPG to sign commits within SourceTree

Still need help?

The Atlassian Community is here for you.

Ask the community

Purpose

This page aims to explain how to setup GPG to sign commits within SourceTree.

Solution

Install GPGTools https://gpgtools.org
Create or import a GPG key
- SourceTree Only
  - Open the Repository/Repository Settings dialog
  - Open the Security tab
    1. Check "Enable GPG key signing for commits"
    2. Select your preferred key.
  - When next committing, check the "Sign Commit" "Commit Option"
- Command line Git
  - The automatically signing your git commits page provides a guide to setup commit signing when using command line Git.
Check that the commits are now signed
- If SourceTree is correctly configured to sign commits, when committing a file you see the following screens:
  The -c gpg.program=/Applications/SourceTree.app/Contents/Resources/bin/stgpg.sh commit -q --gpg-sign=FAE3579EEA1C6363 command line options identify a signed Git commit:
```
git -c diff.mnemonicprefix=false -c core.quotepath=false -c credential.helper=sourcetree -c gpg.program=/Applications/SourceTree.app/Contents/Resources/bin/stgpg.sh commit -q --gpg-sign=FAE3579EEA1C6363 -F /var/folders/jw/5wfdcdr137q_hh1jw5nzcyvw0000gp/T/SourceTreeTemp.LiStAR 
```

Last modified on Feb 26, 2016

Was this helpful?

Yes Provide feedback about this article

Powered by Confluence and Scroll Viewport.