On Mon, Oct 22, 2012 at 6:38 AM, Mat Arge <argemat1...@gmail.com> wrote:
> I would like to sign each commit with a X.509 certificate and a private key
> stored on a PKCS#11 token. I assume that that should be possible somehow using
> a hook which calls openssl. Does somebody know a working implementation of
Creating signatures from an rsa key on a pkcs11 token should be
possible, but gnupg doesn't support pkcs11 for philosophical reasons.
You need to use gnupg-pkcs11 which is maintained outside of the gnupg
Once you configure gnupg-pkcs11-scd, you'll be able to use git and gpg
to sign tags as usual.
I configured this a while back for use with CAC cards using the
Try those docs. If you have questions, I'll try to find my notes.
To unsubscribe from this list: send the line "unsubscribe git" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html