diff --git a/.travis.yml b/.travis.yml
index 94cccbd..c4981df 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -8,7 +8,7 @@ rvm:
   - 2.1
   - 1.9.3
   - rbx-2
-  - jruby
+  - jruby-9.1.9.0
 matrix:
   allow_failures:
     - rvm: rbx-2 # See rubinius/rubinius#3485 - rubocop segfaults
diff --git a/Gemfile b/Gemfile
index 0b8b833..726da02 100755
--- a/Gemfile
+++ b/Gemfile
@@ -12,7 +12,7 @@ group :development do
   gem 'rake', '~> 10.0'
   gem 'redis', '~> 3.2'
   gem 'rspec', '~> 3.0'
-  gem 'rubocop', '~> 0.49.0'
+  gem 'rubocop', '>= 0.41', '< 0.50'
   gem 'simplecov', '~> 0.9'
   gem 'sinatra'
   gem 'webmock', '~> 1.21'
diff --git a/googleauth.gemspec b/googleauth.gemspec
index c604a6d..370857f 100755
--- a/googleauth.gemspec
+++ b/googleauth.gemspec
@@ -28,7 +28,7 @@ Gem::Specification.new do |s|
 
   s.add_dependency 'faraday', '~> 0.12'
   s.add_dependency 'logging', '~> 2.0'
-  s.add_dependency 'jwt', '~> 1.4'
+  s.add_dependency 'jwt', '>= 1.4', '< 3.0'
   s.add_dependency 'memoist', '~> 0.12'
   s.add_dependency 'multi_json', '~> 1.11'
   s.add_dependency 'os', '~> 0.9'
diff --git a/spec/googleauth/service_account_spec.rb b/spec/googleauth/service_account_spec.rb
index 679c0ef..26bbcba 100644
--- a/spec/googleauth/service_account_spec.rb
+++ b/spec/googleauth/service_account_spec.rb
@@ -54,7 +54,7 @@ shared_examples 'jwt header auth' do
       expect(hdr).to_not be_nil
       expect(hdr.start_with?(auth_prefix)).to be true
       authorization = hdr[auth_prefix.length..-1]
-      payload, = JWT.decode(authorization, @key.public_key)
+      payload, = JWT.decode(authorization, @key.public_key, true, algorithm: 'RS256')
       expect(payload['aud']).to eq(test_uri)
       expect(payload['iss']).to eq(client_email)
     end
@@ -135,7 +135,8 @@ describe Google::Auth::ServiceAccountCredentials do
     blk = proc do |request|
       params = Addressable::URI.form_unencode(request.body)
       _claim, _header = JWT.decode(params.assoc('assertion').last,
-                                   @key.public_key)
+                                   @key.public_key, true,
+                                   algorithm: 'RS256')
     end
     stub_request(:post, 'https://www.googleapis.com/oauth2/v4/token')
       .with(body: hash_including(
diff --git a/spec/googleauth/signet_spec.rb b/spec/googleauth/signet_spec.rb
index dab6ed5..608dfb0 100644
--- a/spec/googleauth/signet_spec.rb
+++ b/spec/googleauth/signet_spec.rb
@@ -57,7 +57,8 @@ describe Signet::OAuth2::Client do
     blk = proc do |request|
       params = Addressable::URI.form_unencode(request.body)
       _claim, _header = JWT.decode(params.assoc('assertion').last,
-                                   @key.public_key)
+                                   @key.public_key, true,
+                                   algorithm: 'RS256')
     end
     stub_request(:post, 'https://accounts.google.com/o/oauth2/token')
       .with(body: hash_including(