diff --git a/org.eclipse.jgit/META-INF/MANIFEST.MF b/org.eclipse.jgit/META-INF/MANIFEST.MF
index 5fb76f503..1cdb6417b 100644
--- a/org.eclipse.jgit/META-INF/MANIFEST.MF
+++ b/org.eclipse.jgit/META-INF/MANIFEST.MF
@@ -162,17 +162,17 @@ Import-Package: com.googlecode.javaewah;version="[1.1.6,2.0.0)",
  com.jcraft.jsch;version="[0.1.37,0.2.0)",
  javax.crypto,
  javax.net.ssl,
- org.bouncycastle;version="[1.61.0,2.0.0)",
- org.bouncycastle.bcpg;version="[1.61.0,2.0.0)",
- org.bouncycastle.gpg;version="[1.61.0,2.0.0)",
- org.bouncycastle.gpg.keybox;version="[1.61.0,2.0.0)",
- org.bouncycastle.gpg.keybox.jcajce;version="[1.61.0,2.0.0)",
- org.bouncycastle.jce.provider;version="[1.61.0,2.0.0)",
- org.bouncycastle.openpgp;version="[1.61.0,2.0.0)",
- org.bouncycastle.openpgp.jcajce;version="[1.61.0,2.0.0)",
- org.bouncycastle.openpgp.operator;version="[1.61.0,2.0.0)",
- org.bouncycastle.openpgp.operator.jcajce;version="[1.61.0,2.0.0)",
- org.bouncycastle.util.encoders;version="[1.61.0,2.0.0)",
+ org.bouncycastle;version="[1.65.0,2.0.0)",
+ org.bouncycastle.bcpg;version="[1.65.0,2.0.0)",
+ org.bouncycastle.gpg;version="[1.65.0,2.0.0)",
+ org.bouncycastle.gpg.keybox;version="[1.65.0,2.0.0)",
+ org.bouncycastle.gpg.keybox.jcajce;version="[1.65.0,2.0.0)",
+ org.bouncycastle.jce.provider;version="[1.65.0,2.0.0)",
+ org.bouncycastle.openpgp;version="[1.65.0,2.0.0)",
+ org.bouncycastle.openpgp.jcajce;version="[1.65.0,2.0.0)",
+ org.bouncycastle.openpgp.operator;version="[1.65.0,2.0.0)",
+ org.bouncycastle.openpgp.operator.jcajce;version="[1.65.0,2.0.0)",
+ org.bouncycastle.util.encoders;version="[1.65.0,2.0.0)",
  org.slf4j;version="[1.7.0,2.0.0)",
  org.xml.sax,
  org.xml.sax.helpers
diff --git a/org.eclipse.jgit/src/org/eclipse/jgit/lib/internal/BouncyCastleGpgSigner.java b/org.eclipse.jgit/src/org/eclipse/jgit/lib/internal/BouncyCastleGpgSigner.java
index 388169637..dfcfdab11 100644
--- a/org.eclipse.jgit/src/org/eclipse/jgit/lib/internal/BouncyCastleGpgSigner.java
+++ b/org.eclipse.jgit/src/org/eclipse/jgit/lib/internal/BouncyCastleGpgSigner.java
@@ -25,6 +25,7 @@
 import org.bouncycastle.openpgp.PGPSecretKey;
 import org.bouncycastle.openpgp.PGPSignature;
 import org.bouncycastle.openpgp.PGPSignatureGenerator;
+import org.bouncycastle.openpgp.PGPSignatureSubpacketGenerator;
 import org.bouncycastle.openpgp.operator.jcajce.JcaPGPContentSignerBuilder;
 import org.bouncycastle.openpgp.operator.jcajce.JcePBESecretKeyDecryptorBuilder;
 import org.eclipse.jgit.annotations.NonNull;
@@ -117,6 +118,11 @@ public void sign(@NonNull CommitBuilder commit,
 							HashAlgorithmTags.SHA256).setProvider(
 									BouncyCastleProvider.PROVIDER_NAME));
 			signatureGenerator.init(PGPSignature.BINARY_DOCUMENT, privateKey);
+			PGPSignatureSubpacketGenerator subpacketGenerator = new PGPSignatureSubpacketGenerator();
+			subpacketGenerator.setIssuerFingerprint(false,
+					secretKey.getPublicKey());
+			signatureGenerator
+					.setHashedSubpackets(subpacketGenerator.generate());
 			ByteArrayOutputStream buffer = new ByteArrayOutputStream();
 			try (BCPGOutputStream out = new BCPGOutputStream(
 					new ArmoredOutputStream(buffer))) {