Setup GPG to sign commits within SourceTree

Still need help?

The Atlassian Community is here for you.

Ask the community


This page aims to explain how to setup GPG to sign commits within SourceTree.


  • Install GPGTools
  • Create or import a GPG key
    • SourceTree Only

      • Open the Repository/Repository Settings dialog
      • Open the Security tab
        1. Check "Enable GPG key signing for commits"
        2. Select your preferred key.
      • When next committing, check the "Sign Commit" "Commit Option"
    • Command line Git

  • Check that the commits are now signed

    • If SourceTree is correctly configured to sign commits, when committing a file you see the following screens:

      The -c gpg.program=/Applications/ commit -q --gpg-sign=FAE3579EEA1C6363 command line options identify a signed Git commit:

      git -c diff.mnemonicprefix=false -c core.quotepath=false -c credential.helper=sourcetree -c gpg.program=/Applications/ commit -q --gpg-sign=FAE3579EEA1C6363 -F /var/folders/jw/5wfdcdr137q_hh1jw5nzcyvw0000gp/T/SourceTreeTemp.LiStAR 
Last modified on Feb 26, 2016

Was this helpful?

Provide feedback about this article
Powered by Confluence and Scroll Viewport.