Signing your Git commits in Windows 11

Signing your Git commits is an essential practice for developers to enhance security and verify authenticity. Below are the steps you can follow to configure your Windows 11 development environment for commit signing.

Generate a GPG key

Install Gpg4win:

winget install gpg4win -s winget

Generate an RSA 4096-bit GPG key, choosing RSA and a 4096-bit key size when prompted:

gpg --full-generate-key

View your key and make note of the long key ID shown on the sec line (the value after rsa4096/); it is used as <sec_value> below:

gpg --list-secret-keys --keyid-format=long

View your public key:

gpg --armor --export <sec_value>

Configure Git

View where Gpg4win was installed and make note of its location:

(Get-Command gpg).Source | Resolve-Path

Using this path and your key ID (<sec_value>), update your Git configuration so that all your commits and tags are signed:

git config --global user.signingkey <sec_value>
git config --global commit.gpgsign true
git config --global tag.gpgsign true
git config --global gpg.program "C:\Program Files (x86)\GnuPG\bin\gpg.exe"
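
A check of the configuration above, as an added PowerShell example that is not part of the original post. It assumes user.name and user.email are already configured and that user.signingkey holds the long key ID (or the full fingerprint); the scratch repository name sigtest-<guid> is a made-up name for this test.

```powershell
# Added example: checks the signing configuration set up in the steps above.
# Assumes user.signingkey holds a long key ID or full fingerprint.

# 1. gpg.program must point at an existing gpg.exe.
$gpgProgram = git config --global --get gpg.program
if (-not $gpgProgram -or -not (Test-Path -LiteralPath $gpgProgram)) {
    throw "gpg.program is unset or not an existing file: '$gpgProgram'"
}

# 2. Signing must be switched on for commits and tags.
foreach ($name in 'commit.gpgsign', 'tag.gpgsign') {
    if ((git config --global --get $name) -ne 'true') { throw "$name is not true" }
}

# 3. user.signingkey must match a secret key in the keyring.
#    In --with-colons output, field 5 of a "sec" record is the long key ID.
$signingKey = git config --global --get user.signingkey
if (-not $signingKey) { throw 'user.signingkey is not set' }
$secretIds = & $gpgProgram --list-secret-keys --with-colons |
    Where-Object { $_ -like 'sec:*' } |
    ForEach-Object { ($_ -split ':')[4] }
if (-not ($secretIds | Where-Object { $signingKey.ToUpper().EndsWith($_) })) {
    throw "No secret key in the keyring matches user.signingkey '$signingKey'"
}

# 4. Make a commit in a scratch repository and verify its signature.
$repo = Join-Path ([IO.Path]::GetTempPath()) ("sigtest-" + [guid]::NewGuid())
git init --quiet $repo
try {
    git -C $repo commit --quiet --allow-empty -m 'signing test'
    if ($LASTEXITCODE -ne 0) { throw 'git commit failed; gpg could not sign' }
    git -C $repo verify-commit HEAD   # non-zero exit if unsigned or bad signature
    if ($LASTEXITCODE -ne 0) { throw 'HEAD does not carry a valid signature' }
    git -C $repo log -1 --show-signature
}
finally {
    Remove-Item -LiteralPath $repo -Recurse -Force
}
```

Step 4 may bring up the GnuPG passphrase prompt, since the test commit is signed with your real key.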

Configure GitHub

If you use GitHub, you will also want to add your public key to the SSH and GPG keys page in your account.