This version of GitHub Enterprise was discontinued on 2021-06-09. No patch releases will be made, even for critical security issues. For better performance, improved security, and new features, upgrade to the latest version of GitHub Enterprise. For help with the upgrade, contact GitHub Enterprise support.

Troubleshooting commit signature verification

You may need to troubleshoot unexpected issues that arise when signing commits locally for verification on GitHub Enterprise Server.

  • Checking your commit and tag signature verification status

    You can check the verification status of your commit and tag signatures on GitHub Enterprise Server.

  • Updating an expired GPG key

    When verifying a signature, GitHub Enterprise Server checks that the key is not revoked or expired. If your signing key is revoked or expired, GitHub Enterprise Server cannot verify your signatures. If your key is revoked, use the primary key or another key that is not revoked to sign your commits.

  • Using a verified email address in your GPG key

    When verifying a signature, GitHub Enterprise Server checks that the committer or tagger email address matches an email address from the GPG key's identities and is a verified email address on the user's account. This ensures that the key belongs to you and that you created the commit or tag.