Many customers have TLS enabled, which is different from the lab environment.

Curl

Curl requires a specified CA certificate, otherwise it will report an error.

curl --cacert ca.crt https://127.0.0.1:10080/status

Wget

Many containers do not have curl, so wget is used instead. Wget is better as it does not require a CA certificate.

wget --no-check-certificate http://127.0.0.1:10080/status

One day, I impulsively turned on GitHub’s Vigilant mode.

As a result, all my commits started looking like this.

To figure out how to make them Verified, I found the following method.

Method

I actually referred to this link. However, it wasn’t quite enough, as there might be authentication-related issues on MacBooks that lead to commit errors. So, I found this solution.

In summary, to verify, you need to enter a password. The issue on a Mac is the prompt for entering the password, which needs to be replaced with pinentry-mac, which most people install via homebrew.

Moreover, this solution thoughtfully provides a way to verify:

echo "test" | gpg --clearsign

GPG Experience

1. It doesn’t replace the ssh key. After successfully setting it up, I deleted my GitHub ssh key and discovered that I couldn’t log in. Actually, it only verifies the legitimacy of commits.
2. On the local machine, in any repo, you only need to enter the password once, and that makes it a verified commit. It doesn’t affect daily use; it just adds a green check mark for verification.
3. Using the https protocol + token seems more reliable than this method, but I’m not sure if it provides a verified mark.