GPG commit signing not working

Hello folks,

I am a student and I am going to write my thesis about vulnerabities in Git. For this I am using GitLab (self hosted (version 15.5) on a virtual machine (Ubuntu)) to simulate. I was trying to sign my commit with GPG but it failed.

Here’s what I already did already:

  • GPG key successfully created
  • I checked it with gpg --list-secret-keys --keyid-format LONG #Mailadress#
  • I added the public part to GitLab (Profile / Preferences / GPG Keys)
  • I added the key with git config --global user.signingkey #Key#
  • commit.gpgsign is set on true (checked in the configfile)
  • due to my initial mailadress wasnt verified I added my actual one, which I also set in gpg presettings in the admin panel to my account due to I do not get a confirmation mail, when I do it in the account itself
  • the GPG key is listed as “verified” now after this operation

And ye, I still get the following error, when I try to sign a commit with git commit -S […]

“error: gpg failed to sign the data
fatal: failed to write commit object”

Does someone has a solution or idea for this problem?

Thanks alot,