diff --git a/Cargo.toml b/Cargo.toml
index 515c2d755..2e6a2a215 100644
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -91,6 +91,8 @@ void = { version = "1", optional = true }
 [patch.crates-io]
 # Waiting for https://github.com/tiny-http/tiny-http/pull/151
 tiny_http = { git = "https://github.com/aidanhs/tiny-http-sccache.git", rev = "a14fa0a" }
+# Waiting for https://github.com/Keats/jsonwebtoken/pull/74
+jsonwebtoken = { git = "https://github.com/Jake-Shadle/jsonwebtoken.git", rev = "2f469a61" }
 [dev-dependencies]
 assert_cmd = "0.9"
@@ -114,12 +116,10 @@ tokio-reactor = "0.1"
 [features]
 default = ["s3"]
 all = ["redis", "s3", "memcached", "gcs", "azure"]
-# gcs requires openssl, which is a pain on Windows.
-all-windows = ["redis", "s3", "memcached", "azure"]
 azure = ["chrono", "hyper", "hyperx", "rust-crypto", "url"]
 s3 = ["chrono", "hyper", "hyperx", "reqwest", "rust-crypto", "simple-s3"]
 simple-s3 = []
-gcs = ["chrono", "hyper", "jsonwebtoken", "openssl", "reqwest", "url"]
+gcs = ["chrono", "hyper", "jsonwebtoken", "reqwest", "url"]
 memcached = ["memcached-rs"]
 # Enable features that require unstable features of Nightly Rust.
 unstable = []
@@ -132,4 +132,3 @@ dist-tests = []
 [workspace]
 exclude = ["tests/test-crate"]
-
diff --git a/appveyor.yml b/appveyor.yml
index 8f8602372..7a6764fce 100644
--- a/appveyor.yml
+++ b/appveyor.yml
@@ -16,10 +16,10 @@ install:
 - cargo -V
 build_script:
-- cmd: cargo build %RELEASE% --verbose --features="all-windows %EXTRA_FEATURES%"
+- cmd: cargo build %RELEASE% --verbose --features="all %EXTRA_FEATURES%"
 test_script:
-- cmd: cargo test --all %RELEASE% --verbose --features="all-windows %EXTRA_FEATURES%"
+- cmd: cargo test --all %RELEASE% --verbose --features="all %EXTRA_FEATURES%"
 for:
diff --git a/src/cache/gcs.rs b/src/cache/gcs.rs
index 05f8fa033..37720cf8a 100644
--- a/src/cache/gcs.rs
+++ b/src/cache/gcs.rs
@@ -19,6 +19,7 @@ use std::io;
 use std::rc::Rc;
 use std::time;
+use base64;
 use cache::{
 Cache,
 CacheRead,
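Review bot: The new `[patch.crates-io]` entry replaces `jsonwebtoken`, the crate that signs the GCS service-account token request, with a personal fork pinned only by an abbreviated revision (`rev = "2f469a61"`). I would spell out the full commit id, e.g. `rev = "<full-commit-sha>"` (placeholder), and confirm that the committed Cargo.lock records the resolved hash, so the exact code being pulled in is unambiguous to audit. The `# Waiting for ...pull/74` comment should also say what the fork changes (presumably accepting the key bytes that src/cache/gcs.rs now produces without OpenSSL), so whoever removes the patch knows which upstream release to wait for. A `[patch]` section applies to every crate in the workspace that depends on `jsonwebtoken`, so the fork's diff against upstream deserves its own review before this merges.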
@@ -33,7 +34,6 @@ use hyper::Method;
 use reqwest;
 use reqwest::async::{Request, Client};
 use jwt;
-use openssl;
 use serde_json;
 use url::form_urlencoded;
 use url::percent_encoding::{percent_encode, PATH_SEGMENT_ENCODE_SET, QUERY_ENCODE_SET};
@@ -224,14 +224,16 @@ impl GCSCredentialProvider {
 issued_at: chrono::offset::Utc::now().timestamp(),
 };
- let binary_key = openssl::rsa::Rsa::private_key_from_pem(
- self.sa_key.private_key.as_bytes()
- )?.private_key_to_der()?;
+ // Could also use the pem crate, but that seems overly complicated for just the specific
+ // case of GCP keys
+ let key_string = self.sa_key.private_key.splitn(5, "-----").nth(2).ok_or_else(|| "invalid key format")?;
+ // Skip the leading `\n`
+ let key_bytes = base64::decode_config(key_string[1..].as_bytes(), base64::MIME)?;
 let auth_request_jwt = jwt::encode(
 &jwt::Header::new(jwt::Algorithm::RS256),
 &jwt_claims,
- &binary_key,
+ &key_bytes,
 )?;
 Ok(auth_request_jwt)
diff --git a/src/errors.rs b/src/errors.rs
index 5707c3f51..877860e3c 100644
--- a/src/errors.rs
+++ b/src/errors.rs
@@ -20,6 +20,7 @@ use std::error;
 use std::io;
 use std::process;
+use base64;
 use bincode;
 use futures::Future;
 use futures::future;
@@ -50,6 +51,7 @@ error_chain! {
 Json(serde_json::Error);
 Jwt(jwt::errors::Error) #[cfg(feature = "jsonwebtoken")];
 Openssl(openssl::error::ErrorStack) #[cfg(feature = "openssl")];
+ Base64Decode(base64::DecodeError);
 Bincode(bincode::Error);
 Memcached(memcached::proto::Error) #[cfg(feature = "memcached")];
 Redis(redis::RedisError) #[cfg(feature = "redis")];
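Review bot: `key_string[1..]` in the `@@ -224,14 +224,16 @@` hunk of src/cache/gcs.rs panics instead of returning an error when the service-account key is malformed: if the text between the second and third `-----` is empty, or begins with a multi-byte character, the slice index is invalid. A non-panicking form such as `let key_bytes = base64::decode_config(key_string.trim().as_bytes(), base64::MIME)?;` avoids that and also tolerates a `\r\n` after the header line. The parse never inspects the PEM label either, so a `BEGIN RSA PRIVATE KEY` or encrypted key would be base64-decoded and passed to `jwt::encode` as if it had the encoding the patched crate expects (presumably PKCS#8, as GCP issues; confirm against the fork). Checking that the segment from `nth(1)` is `BEGIN PRIVATE KEY` would turn that case into the existing "invalid key format" error. The enclosing function starts and ends outside this hunk.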