GPG Key listed as Unverified

davosian · May 12, 2021, 8:42pm

I followed these instructions to create a new PGP key. I then exported and uploaded the key to gitlab.com (my account → GPG keys), but for some reason Gitlab lists it as Unverified even though the e-mail address matches the commit e-mail address.

All commits made with this user (same e-mail) show up as unverified as well.

Any idea what is causing Gitlab to mark my public key as unverified?

brodock · June 7, 2021, 3:53pm

I just figured out today what was going on with my keys that were showing like that as well… It seems we have to verify the e-mail that is present on the key as well. Go to https://gitlab.com/-/profile/emails and ask it to send the verification code and follow the steps to verify it.

Zymlex · March 14, 2024, 11:34am

GitLab has problem with subkeys:

Topic		Replies	Views
GPG key shows Unverified How to Use GitLab	0	843	August 15, 2022
(Solved) GPG-signed commits consistently unverified How to Use GitLab	3	11221	December 6, 2019
Commit Signing "unverified signature" How to Use GitLab	9	4324	September 22, 2022
Issues with GPG Signature after extending General	1	10	August 11, 2024
Unverified signature using GitHub mirrored repository GitLab CI/CD	1	1067	October 7, 2020

GPG Key listed as Unverified

Related topics