Uhhh.......................
Well okay, this IS a newsflash for me now. When @Bruce5051 mentioned Never share your PRIVATE KEY, I merely thought that was to say (other than literally just not sharing it) to never use a shared/exposed key. I at least knew that much.
But from all of the hubbub going on in this post, I'm now seeing it's MUCH more than that.
And for that, I humbly apologize for wasting your time in having to create a revocation for something I never had any intention of using outside of testing my program.
Should I take it that no one should include the signature portion of their token? Just the header and payload?
I had looked at all of the error-related posts, like Parse error reading JWS and never saw any comment about them posting their private key.
Was it because I didn't explicitly state from my initial post that it was just a test key (even though I did say test request?
I definitely don't want to be wasting people's time from mistakes like that.
I do find it odd that the "private key" content I posted here from jwt.io is different from the text file that was used from my system.
What was posted here begins with MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQ, which matches the start of my file, but it veers off after that: Here gev...; File gjg.... And it doesn't even contain ANY of the JWK.D value.
If you'd like to see for comparison, I can post the file content here. I just don't want you to have to waste generating another revocation. Again, it's all just a temporary test key while I test my program.
EDIT0:
For that matter, where did that private key come from, when I nulled out the JWT.D value prior to sending the token?