
JWT for Client Side Encryption and Server Side Decryption

Hi All,

I’m not sure if I’m trying something which is wrong or if it’s perfectly OK to try something like this. I’m encrypting a payload on my client side with this library (https://github.com/kjur/jsrsasign), using the public key of our own certificate. We are able to successfully generate a token. I’m trying to validate this generated token at the server side with the same certificate, using this library (https://github.com/AzureAD/azure-activedirectory-identitymodel-extensions-for-dotnet), and we always end up with a signature error like:
IDX10503: Signature validation failed. Keys tried: 'Microsoft.IdentityModel.Tokens.X509SecurityKey, KeyId: ‘6F566868C3825E94C6128131D991CD60503701B8’, InternalId: ‘59b1eb0e-9e00-4159-83c4-9b163f70c7f2’. , KeyId: 6F566868C3825E94C6128131D991CD60503701B8
'.
Exceptions caught:

  • ‘’.*
    token: ‘{“alg”:“RS256”}.{“Payload”:“Payload”}’.

I’m left with little or no clue and am wasting my time playing with my certificate. By the way, I’m creating my certificate using the commands below:

  1. openssl genrsa -des3 -out private.pem 2048
  2. openssl rsa -in private.pem -outform PEM -pubout -out public.pem
  3. openssl req -new -x509 -key private.pem -out publickey.cer -days 1825
  4. openssl pkcs12 -export -out public_privatekey.pfx -inkey private.pem -in publickey.cer

Any help to help me proceed would be much appreciated, guys. Thanks in advance.

-Jaffar.
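
Added example, not part of the original post and not code from jsrsasign or the IdentityModel library: an RS256 token is a signature made with the RSA private key and checked with the public key that the certificate carries, so verification only succeeds when the two belong to the same pair. The sketch uses Node's built-in crypto module; the key pairs are generated in-process as constructed samples, and the function names (signRs256, verifyRs256, demo) are hypothetical.

```javascript
// Added example: RS256 JWT signing and verification with Node's crypto module.
const crypto = require('crypto');

// base64url without padding, as used for JWT segments
const b64url = (buf) => Buffer.from(buf).toString('base64')
  .replace(/=+$/, '').replace(/\+/g, '-').replace(/\//g, '_');

// RS256 = RSASSA-PKCS1-v1_5 with SHA-256 over "<header>.<payload>",
// produced with the PRIVATE key.
function signRs256(payload, privateKey) {
  const header = b64url(JSON.stringify({ alg: 'RS256' }));
  const body = b64url(JSON.stringify(payload));
  const sig = crypto.sign('sha256', Buffer.from(`${header}.${body}`), privateKey);
  return `${header}.${body}.${b64url(sig)}`;
}

// The verifier needs only the PUBLIC key (what an X.509 certificate contains).
function verifyRs256(token, publicKey) {
  const parts = token.split('.');
  if (parts.length !== 3) return false;
  const [header, body, sig] = parts;
  let alg;
  try {
    alg = JSON.parse(Buffer.from(header, 'base64').toString('utf8')).alg;
  } catch {
    return false;
  }
  if (alg !== 'RS256') return false; // pin the algorithm instead of trusting the header
  return crypto.verify('sha256', Buffer.from(`${header}.${body}`), publicKey,
    Buffer.from(sig, 'base64'));
}

// Constructed sample: two unrelated 2048-bit key pairs and a test payload.
function demo() {
  const signer = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const other = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const token = signRs256({ Payload: 'Payload' }, signer.privateKey);
  const [h, , s] = token.split('.');
  const tampered = [h, b64url(JSON.stringify({ Payload: 'changed' })), s].join('.');
  return {
    matchingKey: verifyRs256(token, signer.publicKey), // same pair
    wrongKey: verifyRs256(token, other.publicKey),     // key from a different pair
    tampered: verifyRs256(tampered, signer.publicKey), // payload altered after signing
  };
}
```

Only the first case verifies; a signature checked against a key from another pair, or over altered content, is rejected.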