Why is the GnuPG-sign checkbox disabled in SourceTree?
You likely aren't pointing the GPG Program setting (found in SourceTree -> Preferences -> Advanced) at the right bin. If you're using GPGTools on OS X, it should be /usr/local/MacGPG2/bin. To navigate to the /usr/bin directory in the Open File dialog, click shift + command + g
Since SourceTree version 1.8.1, that checkbox will also be disabled if you had no GPG key when SourceTree was started. Creating your first GPG key while SourceTree is still running won't help. You will need to restart SourceTree in order for it to notice that you now have GPG keys.
Although techpeace's answer seems to have resolved it for BJ Myers, there is also another possible reason for the option to remain greyed out despite correcting the setting.
If your keyring has been around for a while (close to 20 years in my case), chances are that some debris has piled up in one corner or another of the trust database. The tricky bit is that in most cases this doesn't show up in obvious ways, i.e. you can still sign, verify, encrypt, and decrypt stuff just fine. It's just that spurious keyid_from_fingerprint: no pubkey or public key of ultimately trusted key 00000000 not found that shows up from time to time (typically when using some keyring management front-end).
And this trustdb inconsistency was what prevented SourceTree from enabling the commit signing options in my case.
The solution is straightforward; simply follow Spike's instructions for weeding out 00000000 keys from the trustdb. Spike talks about one 00000000 entry, but in my case there were several. Just remove them all. Takes less than 5 minutes, and works like a charm.