Servicenow⇒LINE WORKS integration is currently being implemented.
The API on the LINE WORKS side has been upgraded to 2.0, so the linkage method needs to be changed.
Token information is required to link with LINE WORKS, but it needs to be obtained using JWT.

★Questions
① You can only receive "Private Key (~.key)", "Client ID" and "Client Scret" issued by LINE WORKS.
Upload Java Key Store certificate cannot upload ".key".
Is there any way to do this?

②How can I convert a private key to a public key or digital signature?
I created a public key and a digital signature with PowerShell, but I get an error message saying that they do not match the 509 type, and I cannot upload them.

③I tried to create a digital signature in code base without using Upload Java Key Store certificate and tried API integration, but it is giving me an error.
I would like your advice on how to make it wrong.

*Conducted in personal environment

var CLIENT_ID = "XXXXXX";
var CLIENT_SECRET = "XXXXXX";
var SERVICE_ACCOUNT = "XXXXXX";
var PRIVATE_KEY = "-----BEGIN PRIVATE KEY-----～～～-----END PRIVATE KEY-----";
var privateKeyPEM = PRIVATE_KEY.replace("-----BEGIN PRIVATE KEY-----", "").replace("-----END PRIVATE KEY-----", "").replaceAll("\\s", "");
gs.log(privateKeyPEM);

// ヘッダー
var jwtAPI = new sn_auth.GlideJWTAPI();
var headerJSON = {
"alg": "RS256",
"typ":"JWT"
};
var headerBASE64Encode = GlideStringUtil.base64Encode(JSON.stringify(headerJSON));
gs.log(headerBASE64Encode);
// ペイロード
var gdt = new GlideDateTime();
var st = gdt.getDisplayValue();
gdt.addSeconds(3600);
var en = gdt.getDisplayValue();
var payloadJSON = {
"iss": "XXXXXX",
"sub": "XXXXXX",
"iat": st,
"exp": en
};
var JSONClaimsetBASE64Encode = GlideStringUtil.base64Encode(JSON.stringify(payloadJSON));
gs.log(JSONClaimsetBASE64Encode);
// JWT電子署名
var jwt = headerBASE64Encode + "." + JSONClaimsetBASE64Encode;
gs.log(jwt);
// 秘密鍵
var mac = new GlideCertificateEncryption;
var key = GlideStringUtil.base64Encode(privateKeyPEM);
gs.log(key);
var signature = mac.generateMac(key, "HMAC-SHA256", jwt);
gs.log(signature );
// Token
jwt = jwt + "." + signature;
gs.log(jwt.replace(/={1,2}$/, ''));
var rm = new sn_ws.RESTMessageV2();
rm.setHttpMethod("POST");
rm.setEndpoint("https://auth.worksmobile.com/oauth2/v2.0/token");
rm.setRequestHeader("Content-Type", "application/x-www-form-urlencoded");
var body = {
"assertion": jwt,
"grant_type":"urn:ietf:params:oauth:grant-type:jwt-bearer",
"client_id":"XXXXXX",
"client_secret":"XXXXXX",
"scope":"bot"
};
var bodyText = JSON.stringify(body);
rm.setRequestBody(bodyText);
var request = rm.execute();
gs.log(request.getBody());