I am trying this:
On the client side:
1. Generate a JSON Web Token (JWT) using a header and payload.
2. Sign this JWT using my private key. I also have a certificate which is signed by a root CA.
3. Send the JWT to the server.
On the server side:
1. Verify the received JWT.
2. I only have access to the public key/certificate of the root CA who has signed my certificate.
Is it possible to verify the signature of the JWT using the public key or certificate of the root CA? Please note that I do not want to verify the JWT using my public key, as there are many clients which have their own private-public key pairs and it would not be possible for the server to obtain all the public keys from the clients. My goal is to make the server-side validation use the public key/certificate of the root CA to validate the JWT.
Is this possible?