diff --git a/lemur/tests/test_certificates.py b/lemur/tests/test_certificates.py
index 9f9edf9d..fcf6f887 100644
--- a/lemur/tests/test_certificates.py
+++ b/lemur/tests/test_certificates.py
@@ -328,8 +328,8 @@ def test_create_certificate(issuer_plugin, authority, logged_in_admin):
 def test_create_csr():
     from lemur.certificates.service import create_csr
 
-    csr, private_key = create_csr(common_name='ACommonName', organization='test', organizational_unit='Meters', country='US',
-                                  state='CA', location='Here', owner='joe@example.com')
+    csr, private_key = create_csr(owner='joe@example.com', common_name='ACommonName', organization='test', organizational_unit='Meters', country='US',
+                                  state='CA', location='Here')
     assert csr
     assert private_key
 
diff --git a/lemur/utils.py b/lemur/utils.py
index e42ea7db..b7cd6c89 100644
--- a/lemur/utils.py
+++ b/lemur/utils.py
@@ -100,7 +100,7 @@ class Vault(types.TypeDecorator):
 
         # we only support strings and they should be of type bytes for Fernet
         if not isinstance(value, six.string_types):
-            return None
+            return
 
         if sys.version_info >= (3, 0):
             value = bytes(value, 'utf8')
@@ -122,10 +122,12 @@ class Vault(types.TypeDecorator):
 
         # if the value is not a string we aren't going to try to decrypt
         # it. this is for the case where the column is null
-        if not isinstance(value, six.string_types):
-            return None
 
-        # TODO this may raise an InvalidToken exception in certain
-        # cases. Should we handle that?
-        # https://cryptography.io/en/latest/fernet/#cryptography.fernet.Fernet.decrypt
-        return MultiFernet(self.keys).decrypt(value)
+        if not sys.version_info >= (3, 0):
+            if not isinstance(value, six.string_types):
+                return
+            return MultiFernet(self.keys).decrypt(value)
+        else:
+            if not value:
+                return
+            return str(MultiFernet(self.keys).decrypt(value), 'utf8')
diff --git a/setup.py b/setup.py
index a9f1bc78..b1ee874f 100644
--- a/setup.py
+++ b/setup.py
@@ -52,7 +52,7 @@ install_requires = [
     'marshmallow-sqlalchemy==0.8.0',
     'marshmallow==2.4.0',
     'pycrypto==2.6.1',
-    'cryptography==1.4',
+    'cryptography==1.5',
     'pyopenssl==0.15.1',
     'pyjwt==1.4.0',
     'xmltodict==0.9.2',