How to sign ore plugins?

How do I make the SIG or ASC files required to sign ore uploads?

What do you currently have. Have you installed something like GPG? Do you have a key already? So on.

I have a PGP key linked to my ore account and also have keys on my github.

Sign the key with your key and select that when you upload the plugin after uploading the plugin itself. Here is more info on it. https://docs.spongepowered.org/master/en/ore/publish.html

I have my key and it’s linked to my Ore profile, but when I do gpg --output myplugin-1.0.0.jar.sig --detach-sig myplugin-1.0.0.jar and upload the file and the sig, it says Signature verification failed.

Sorry, I’m still very new to this.

Easiest way to do it is to add my plugin ‘flavor.pie.promptsign’ 1.0.1. It’ll automatically produce a signature when running ‘build’, as well as prompt for any signing info it needs.