diff --git a/keystone/tests/test_backend.py b/keystone/tests/test_backend.py
index a33b6593c..cec49e713 100644
--- a/keystone/tests/test_backend.py
+++ b/keystone/tests/test_backend.py
@@ -18,6 +18,7 @@ import hashlib
 import mock
 import uuid
 
+from keystoneclient.common import cms
 import six
 from testtools import matchers
 
@@ -32,6 +33,7 @@ from keystone.tests import filtering
 from keystone.tests import test_utils
 from keystone.token import provider
 
+
 CONF = config.CONF
 DEFAULT_DOMAIN_ID = CONF.identity.default_domain_id
 TIME_FORMAT = '%Y-%m-%dT%H:%M:%S.%fZ'
@@ -2906,12 +2908,13 @@ class IdentityTests(object):
 
 class TokenTests(object):
     def _create_token_id(self):
-        # Token must start with MII here otherwise it fails the asn1 test
-        # and is not hashed in a SQL backend.
-        token_id = "MII"
+        # Use a token signed by the cms module
+        token_id = ""
         for i in range(1, 20):
             token_id += uuid.uuid4().hex
-        return token_id
+        return cms.cms_sign_token(token_id,
+                                  CONF.signing.certfile,
+                                  CONF.signing.keyfile)
 
     def test_token_crud(self):
         token_id = self._create_token_id()