diff --git a/quarry/net/auth.py b/quarry/net/auth.py
index 0e38f34..59edcf9 100644
--- a/quarry/net/auth.py
+++ b/quarry/net/auth.py
@@ -86,7 +86,8 @@ def _callback(data):
             d0.callback(CertificatePair(keyPair["privateKey"], keyPair["publicKey"], data["publicSignature1"],
                                         data["publicSignature2"], data["expiresAt"]))
 
-        d1 = self._request_services("player/certificates")
+        # TODO "post" is to force http.request to send a POST request, which shouldn't be required
+        d1 = self._request_services(b"player/certificates", post=True)
         d1.addCallbacks(_callback, d0.errback)
         return d0
 
@@ -96,15 +97,15 @@ def use_signing(self):
         def _callback(data):
             self.certificates = data
             self.enable_signing = True
-            d0.callback(self)
+            d0.callback(self.certificates)
 
         if not self.certificates or self.certificates.is_expired():
             d1 = self._get_certificates()
             d1.addCallbacks(_callback, d0.errback)
+            return d0
         else:
             self.enable_signing = True
-            d0.callback(self.certificates)
-        return d0
+            return self.certificates
 
     def refresh(self):
         d0 = defer.Deferred()
@@ -218,7 +219,7 @@ def _request_services(self, endpoint, **data):
             timeout=self.timeout,
             err_type=ProfileException,
             data=data,
-            headers={"Authorization": f"Bearer {self.access_token}"}
+            headers={"Authorization": [f"Bearer {self.access_token}"]}
         )
 
     @classmethod