git commit signing failed: secret key not available

I am getting this error when trying to commit using Git.

gpg: skipped "name <[email protected]>": secret key not available
gpg: signing failed: secret key not available
error: gpg failed to sign the data
fatal: failed to write commit object

I have generated a new key as below but it still gives the same error

gpg --list-keys
~/.gnupg/pubring.gpg
--------------------------------
pub   2048R/35F5FFB2 2016-04-23
uid                  name (New key) <[email protected]>
sub   2048R/112A8C2D 2016-04-23

The secret key is the same as above

I have found this https://stackoverflow.com/questions/12061645/generating-a-gpg-key-for-git-tagging and followed the steps but it still doesn't work, any idea?

This worked for me on Windows 10 (Note that I use the absolute path to gpg.exe):

git config --global gpg.program "C:\Program Files (x86)\GnuPG\bin\gpg.exe"

This was the error I got prior to the fix:

gpg: skipped "3E81C*******": secret key not available
gpg: signing failed: secret key not available
error: gpg failed to sign the data
fatal: failed to write commit object

You need to configure the secret key before using it.

git config user.signingkey 35F5FFB2

Or declare it globally if you want to use the same key for every repository.

git config --global user.signingkey 35F5FFB2

Source: Git Tools - Signing Your Work

What worked for me was adding

git config --global gpg.program "C:/Program Files (x86)/GNU/GnuPG/gpg2.exe"

If you want to find the full path of gpg2.exe:

where gpg2.exe

I'like to complete all these answers, cause I've got many issues with this.

These exemples use the --global flag, but you can remove it if you want to to these things locally.

Configure secret key in git

git config --global user.signingkey 35F5FFB2

Configure witch gpg program tu use in git (optional)

Some systems (Ubuntu for exemple) can have gpg and gpg2 at the same time. You need to specify you'll use gpg2

git config --global gpg.program gpg2

Export GPG_TTY (optional)

It is possible if you use these command in an ssh environment that you have the following error : Inappropriate ioctl for device or gpg: échec de la signature : Ioctl() inapproprié pour un périphérique. This can be fixed via :

export GPG_TTY=$(tty)

Auto enable GPG singing (optional)

git config --global commit.gpgsign true

I recently found the same secret key not available error and a few more along the way, like GPG agent not found for instance.

In my case I wanted to get commits signed and showing as verified on GitHub.

Below are the complete steps to get it working on Windows 10 x64:

Install GPG

I installed GPG 2.3.1 with winget like so:

C:\> winget install GnuPG.GnuPG

Verify it with:

C:\> gpg --version

Generate GPG key

C:\> gpg --full-generate-key

• Add your real name and e-mail, the same as used in the GitHub account.

• The key must be at least 4096 bits.

Export the key in ASCII armor format

First list the key:

C:\> gpg --list-secret-keys --keyid-format=long

> sec rsa4096/[short-key] 2021-06-14 [SC]

Then export it:

C:\> gpg --armor --export [short-key]

Copy the key including the BEGIN/END text.

-----BEGIN PGP PUBLIC KEY BLOCK-----
[huge-ascii-key]
-----END PGP PUBLIC KEY BLOCK-----

Add the GPG armor ASCII key to the GitHub account

Go to Profile > Settings > SSH and GPG keys > New GPG key

Or please follow these visual instructions.

Configure Git to sign all commits by default

C:\> git config --global user.signingkey [short-key]
C:\> git config --global commit.gpgsign true
C:\> git config --global gpg.program "C:/Program Files (x86)/gnupg/bin/gpg"

Set GPG environment variable for the GPG Agent

Check for GPG agent:

gpg-agent --version

Set the environment variable:

GNUPGHOME=%USERPROFILE%\AppData\Roaming\gnupg

Done

The resulting .gitconfig would have the user section like so:

[user]
    name = Your Name
    email = [email protected]
	signingkey = [short-key]
[commit]
	gpgsign = true
[gpg]
	program = C:/Program Files (x86)/gnupg/bin/gpg

I had a situation in which the same was happening to me in a Windows 10 machine.

$ git commit -m "Improve logging, imports and show time executed"
gpg: signing failed: Operation cancelled
gpg: signing failed: Operation cancelled
error: gpg failed to sign the data
fatal: failed to write commit object

The commands "C:\Program Files (x86)\GnuPG\bin\gpg.exe" --list-secret-keys --keyid-format LONG and gpg --list-secret-keys --keyid-format LONG where giving me complete different results!

$ where gpg
C:\Program Files\Git\usr\bin\gpg.exe
C:\Program Files (x86)\GnuPG\bin\gpg.exe

The main reason was related to previous answers but on a different sense:

• I was creating the gpg keys using the git (configured path) version of GPG
• Git was configured to use the downloaded version of gpg for the commit.
• Seems GPG implementations use their own certificate database and storage.

I hope this can help anyone that stumbles on this message and previous answers do not solve ther issue.

Using "C:\Program Files\Git\usr\bin\gpg.exe" was the solution for me.
Had to uninstall kleopatra. With it, it was not working.

So, summing up;

• No need for kleopatra, use GIT default instead.

• git config --global user.signingkey Y0URK3Y
  git config --global commit.gpgsign true
  git config --global gpg.program "C:\Program Files\Git\usr\bin\gpg.exe"
  

You have to set the variable GNUPGHOME. Without it, GnuPG is not able to find your keys.

# On unix add it to your path

# On windows it will usually be under: 
<drive>:\Users\<username>\AppData\Roaming\gnupg

On Unix it simply adding it to the path.
On Windows you have to open the control panel and set it as

System Variable
  Name: GNUPGHOME
  Path: <drive>:\Users\<username>\AppData\Roaming\gnupg

I had the same problem at it was that git name and email store in .gitconfig were different from the ones of the gpg key provided. I changed them in order to match and it started to work.

Maybe you need to clone your own repository where you have rights. I had this issue when I cloned the repository of another person.