Configure GPG for Git on Windows

Update Oct. 2018, as commented below by PHPirate:

λ git --versiongit version 2.19.1.windows.1λ gpg --versiongpg (GnuPG) 2.2.9-unknownlibgcrypt 1.8.3Copyright (C) 2018 Free Software Foundation, Inc.

No trace of that update in git-for-windows/git/releases

Original answer (2017):By default, Git for Windows includes a gpg1, not gpg2

vonc@bvonc MINGW64 ~/.ssh$ gpg --versiongpg (GnuPG) 1.4.21

Using a different gpg is indeed recommended:

git config --global gpg.program "c:/Program Files (x86)/GnuPG/bin/gpg.exe"

Try again with the latest Git for Windows with UTF-8 set in locale.
Try a Git simplified path to rule out any interference from other programs.

Since (at least) git 2.19.1, git includes gpg2!

That means you are not required to install gpg4win anymore just for git signing.You ask how to setup commit signing such that you only have to enter your passphrase after a certain timeout: gpg-agent can handle that, and I tested that it works with git's gpg (but not with gnupg's gpg). Although it doesn't always work for me, it should work in general.

Below is a short summary of the full instructions I have written down here, assuming you have signing set up:

1. Make sure you are using git's gpg
2. Update the cache time, in C:\Users\username\.gnupg\gpg-agent.conf (create the file if it doesn't exist), add default-cache-ttl 34560000 and max-cache-ttl 34560000. These times are in seconds, choose whatever you want.
3. Restart gpg-agent using gpgconf --kill gpg-agent.