From d35848f7a98967c26bf7f78da948ffb223bda04a Mon Sep 17 00:00:00 2001
From: Mariano Cano <mariano.cano@gmail.com>
Date: Wed, 24 Nov 2021 11:43:24 -0800
Subject: [PATCH] Fix unit tests.

---
 authority/tls_test.go | 4 ++--
 ca/ca_test.go         | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/authority/tls_test.go b/authority/tls_test.go
index 41354e8d..1b5e4d01 100644
--- a/authority/tls_test.go
+++ b/authority/tls_test.go
@@ -310,7 +310,7 @@ func TestAuthority_Sign(t *testing.T) {
 				extraOpts: extraOpts,
 				signOpts:  _signOpts,
 				err:       errors.New("requested duration of 25h0m0s is more than the authorized maximum certificate duration of 24h1m0s"),
-				code:      http.StatusBadRequest,
+				code:      http.StatusForbidden,
 			}
 		},
 		"fail validate sans when adding common name not in claims": func(t *testing.T) *signTest {
@@ -323,7 +323,7 @@ func TestAuthority_Sign(t *testing.T) {
 				extraOpts: extraOpts,
 				signOpts:  signOpts,
 				err:       errors.New("certificate request does not contain the valid DNS names - got [test.smallstep.com smallstep test], want [test.smallstep.com]"),
-				code:      http.StatusBadRequest,
+				code:      http.StatusForbidden,
 			}
 		},
 		"fail rsa key too short": func(t *testing.T) *signTest {
diff --git a/ca/ca_test.go b/ca/ca_test.go
index 05dca027..e4c35a90 100644
--- a/ca/ca_test.go
+++ b/ca/ca_test.go
@@ -200,8 +200,8 @@ ZEp7knvU2psWRw==
 			return &signTest{
 				ca:     ca,
 				body:   string(body),
-				status: http.StatusBadRequest,
-				errMsg: errs.BadRequestPrefix,
+				status: http.StatusForbidden,
+				errMsg: errs.ForbiddenPrefix,
 			}
 		},
 		"ok": func(t *testing.T) *signTest {