I was not able to get jwt.io or dinochiesa.github.io/jwt/ to sign the JWT in a manner that Apple seemed to like. I ended up using a third party Golang library, which got me to a better error code. Also, if that is your actual private key, you should get a new one.