When persistent commit verification is enabled, Enterprise Server stores a verification record alongside each commit when its signature is verified. This record ensures that verified commits maintain their verification status even if signing keys are later rotated, expired, or revoked. For more information about persistent commit verification, see About commit signature verification.
By default, persistent commit verification is enabled on Enterprise Server 3.17 and later.
Each verified commit requires approximately 80 bytes of storage. For large installations with a large number of verified commits (e.g., hundreds of thousands or more), you may want to disable this feature to limit data growth.
You can disable persistent commit verification for your Enterprise Server instance.
In the administrative shell, run the following command.
Bash ghe-config app.persist-commit-signature-verification.enabled false
ghe-config app.persist-commit-signature-verification.enabled falseApply the configuration.
Bash ghe-config-apply
ghe-config-apply
If you previously disabled persistent commit verification, you can re-enable it.
In the administrative shell, run the following command.
Bash ghe-config app.persist-commit-signature-verification.enabled true
ghe-config app.persist-commit-signature-verification.enabled trueApply the configuration.
Bash ghe-config-apply
ghe-config-apply