Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.
And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.
JWT signature does not match locally computed signature only on some POD
See original GitHub issueDescribe the bug
We are using PS256 as signing algorithm with rotated keys. the app is running on java 11 and deployed in kubernetes.
Recently we started to encounter signature verification issue, all jwt that passed through one pod will fail with JWT signature does not match locally computed signature. JWT validity cannot be asserted and should not be trusted message, but further retry with different pod confirms that the jwt is not the problem. Our current resolution for this is to kill the pod, but this is not ideal.
To Reproduce We are not able to reproduce it locally yet, but let me know if there’s any info that might be helpful
Expected behavior Signature should be successfully verified, as it’s verifiable on similar pods.
Screenshots
Issue Analytics
- State:
- Created 2 years ago
- Reactions:1
- Comments:12 (5 by maintainers)
Top Results From Across the Web
Top Related Medium Post
Top Related StackOverflow Question
Troubleshoot Live Code
Top Related Reddit Thread
Top Related Hackernoon Post
Top Related Tweet
Top Related Dev.to Post
Top Related Hashnode Post
It’s running on the same k8s deployment, so it should have the exact same configuration
This issue has been automatically marked as stale due to inactivity for 60 or more days. It will be closed in 7 days if no further activity occurs.