It's been long enough since git permits its users to sign commits using GPG.
If we want instead to sign commits using X.509 certificates and S/MIME, there's smimesign utility that runs smoothly under Windows and Mac.
However, under Linux things get more messier, especially if we want to use a cryptographic token. It seems that if we want to use an X.509 certificate stored in a PIV card for example to sign commits, we need to use some heavy workarounds (workarounds that involve using : gnupg, gpgsm, gpg-agent, scdaemon, gnupg-pkcs11-scd... etc) in order to make it happen.
Is there a simple (simple to deploy in a corporate environment) known way to sign Git commits using something like PKCS#11 under Linux?