Hi, I am quite new in this topic, so I just might miss a main thing that is easy to solve.
I generated a JWT, private_key.pem, public_key.pem and a JWKS.
I used the debugger on jwt.io to verify my components.
When I use Encoded JWT with private_key.pem and public_key.pem, signature is verified.
When I use Encoded JWT with private_key.pem and JWK, signature is NOT verified
My JWK contains the public_key.pem as x5c value. This might be the problem, but I am not sure about this. Here are the components I used in the debugger:
Encoded JWT:
eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJqdGkiOiJteV9qd3RfaWQiLCJpYXQiOjE2NjY3NzEyNDZ9.w31MBueBSGxkemCU5_lnPwvD-SFY-h0TW664hWvjN7Doho2fAK5Fs8QtjaPDvnNVosttT401G4ZRbbC9ReLJmDulIpp-b0oFj7TQAkU3O6YZyADJL0rW7FuFv3ZXkGwI1FRpH1rhi9TS1qO1wpoeIZeVxYEqrDHRt5AWKrQhrn6wcy__ZVr5HPjZDsdbA5QDXuZnBhNX4SzvSUFuM9qRFjS97WOs-9gfgS56b09EsWoX89Krq1FhN2HUOrB85i__K2QEAylJshEjzYaNyJb8wqMQPA3J9kaqsLLCnydIxhocgJcBYhr-CJQIoTggZdZNyJWIRcsruz5w8xb43FItDg
private_key.pem
-----BEGIN PRIVATE KEY-----
MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQD1IwqVvaO59bOK
x0OzVIZoeUN03kFVbsaOngHwb7l7frG0zNKfaTVFcinx02tHL41YCrVXNCNBZsw2
Gg4TVTLgULSV996/mAp66uCq7DgO73VfEEtcyXShVDWiPk1lK4LvFFzHiFXNUIwR
Fb9UPBvGL5R4KvddcCMA5P1bENDbj7IfOvKsFZ2r2yF2fFmd7U2Ft8Cgj/3lLTuH
fo3n2uOywBJCkyfIu2YJ2BW6eA5ajM8Qv45GTlIINumr1TlO7Ts4bXWS/Y8sTp50
o2uwAyzVJ3vr6HoCbXrhCg/UOpXrIkQ4gEM8TaAber1ddIs6hDo5bWondeTXUwDG
wPCtJkxPAgMBAAECggEANViY1xlb5f4YQl022HHOhjHNgkNTyHnA8Axms6I8pSlf
Fs90DojgtOoxQpUVxXoNslkyOXX5LiRm0Gc/JOnnlnU5t2Ensl4t+a3fkpKxaF6o
FjX/kIOuw+UFfvc79IZRiiHORwXeVj3vHVC0QGqMSMbV8oi3KDhdBbbPg9/W89CW
k/wx3iOu+GJxf6JA5+Zj1WhDGdLPyFb3ob8h9bbzz8hNLSqS9f779NtsdLYTpXjo
PS7A0//7HHSLuKHpw4cyEFlLJrLEqPcdCH5hU43TQ7IGGH/okKLi7y63hCEsreqZ
8zUcvCgSlL2o2Y1FCs8VBcNDxGrDPVH907+dV1RkcQKBgQD8DNsJx8T8JMPHHC7A
RQI8+NI+4CORBfZBT+cSd+6VG9cIFjXmVzDBU/rMPoDR6MxhVZhf7QzOEeKY3m8v
sqV2FiLrG5SJg3/IjYZlkaGbE3KuPbGnc9yPjLlvNIT8yvxmO0Re2S28MLfjNfJx
L1i80XHIQyiRrEkKomcSX82RcwKBgQD4+nOfClc3cXRMkN/85OdDmm3O+FtO6Tef
xfSuy1fMgxd6ApTl0UlqKTiOX4YS/Qg7pkcPSDBoRptkxvqnnVcSEzBhCdicDC6d
nojw+ZlqGKHHyJmrvVplPj4yyrRmIOorJA7pNfv6O2MmtNe/XB8JJewrCLHZkyAp
qZ7P2oIytQKBgBUmEv74Fyw8/Xxoffe+EpkBG8sQzYsun+INDUt8arVyN5HDI1Sn
fjzKiiG3IOH8EaIdJ4LtBgUIdSX0jAnJiJ6m7tkhYE5FjWRLk7pUBOZZNGcwYAa3
7wrQeQK+umXntlPxpyP6Px8qS1OyRByBJ4X4YP63u+C1Pw+4XsOo7DvHAoGBALd/
dql3aJI/NtSbTcnINr23WkjY+AqvjcRelBgjW8EpuKq+rli2p6HrYXhk5J6oCGJW
CTc1ICAqMarTj7brGloC9HwAUrmnrM+UIR9hBfWQ0+M3cDKH6tCFUDgE93HxvkQv
XiH5HI3vKQNE82FglqsaXPXWgaV2bpTmI1rTk3OlAoGBAIjJt9yUou53LcEuLUkr
s+OeskK2EZbHC7r32GNKrUhcbcQkUJAeLhMfyMV8DdA1xntzle+eTEJ58ZovMMvG
3FYxTnM8idXWMHyFBAMNTj07eC+JHJl17XdEN4XvBiXgGSfY4pNL+LIWiyLepVbU
OFqSNolJg1PkiR3hulkeYMRV
-----END PRIVATE KEY-----
public_key.pem
-----BEGIN PUBLIC KEY-----
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9SMKlb2jufWzisdDs1SG
aHlDdN5BVW7Gjp4B8G+5e36xtMzSn2k1RXIp8dNrRy+NWAq1VzQjQWbMNhoOE1Uy
4FC0lffev5gKeurgquw4Du91XxBLXMl0oVQ1oj5NZSuC7xRcx4hVzVCMERW/VDwb
xi+UeCr3XXAjAOT9WxDQ24+yHzryrBWdq9shdnxZne1NhbfAoI/95S07h36N59rj
ssASQpMnyLtmCdgVungOWozPEL+ORk5SCDbpq9U5Tu07OG11kv2PLE6edKNrsAMs
1Sd76+h6Am164QoP1DqV6yJEOIBDPE2gG3q9XXSLOoQ6OW1qJ3Xk11MAxsDwrSZM
TwIDAQAB
-----END PUBLIC KEY-----
JWK String:
{
"kty": "RSA",
"use": "sig",
"kid": "my_jwt_id",
"x5c": [
"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9SMKlb2jufWzisdDs1SGaHlDdN5BVW7Gjp4B8G+5e36xtMzSn2k1RXIp8dNrRy+NWAq1VzQjQWbMNhoOE1Uy4FC0lffev5gKeurgquw4Du91XxBLXMl0oVQ1oj5NZSuC7xRcx4hVzVCMERW/VDwbxi+UeCr3XXAjAOT9WxDQ24+yHzryrBWdq9shdnxZne1NhbfAoI/95S07h36N59rjssASQpMnyLtmCdgVungOWozPEL+ORk5SCDbpq9U5Tu07OG11kv2PLE6edKNrsAMs1Sd76+h6Am164QoP1DqV6yJEOIBDPE2gG3q9XXSLOoQ6OW1qJ3Xk11MAxsDwrSZMTwIDAQAB"
]
}
I think I might be missing something between the relationship between private_key.pem and x5c