diff --git a/tests/test_cli.py b/tests/test_cli.py
index eb4dde0..cdf40d8 100644
--- a/tests/test_cli.py
+++ b/tests/test_cli.py
@@ -1,15 +1,22 @@
 import os
 import requests
+from falcon import testing
 from click.testing import CliRunner
 from certidude.cli import entry_point as cli
 from datetime import datetime, timedelta
 from cryptography.hazmat.primitives import hashes, serialization
 from cryptography.x509.oid import NameOID
-import thread
+import pytest
 from xattr import setxattr
 
 runner = CliRunner()
 
+@pytest.fixture(scope='module')
+def client():
+    from certidude.api import certidude_app
+    return testing.TestClient(certidude_app())
+
+
 def test_cli_setup_authority():
     result = runner.invoke(cli, ['setup', 'authority'])
     assert not result.exception
@@ -21,7 +28,9 @@ def test_cli_setup_authority():
     assert authority.ca_cert.not_valid_before < datetime.now()
     assert authority.ca_cert.not_valid_after > datetime.now() + timedelta(days=7000)
 
-    thread.start_new_thread(runner.invoke, (cli, ['serve', '-p', '8080']))
+    # Try starting up forked server
+    result = runner.invoke(cli, ['serve', '-f', '-p', '8080'])
+    assert not result.exception
 
     from cryptography import x509
     from cryptography.hazmat.primitives.asymmetric import rsa, padding
@@ -39,7 +48,7 @@ def test_cli_setup_authority():
         csr.sign(key, hashes.SHA256(), default_backend()).public_bytes(serialization.Encoding.PEM))
 
     # Check that we can retrieve empty CRL
-    r = requests.get("http://localhost:8080/api/revoked")
+    r = client().simulate_get("/api/revoked/")
     assert r.status_code == 200
 
     result = runner.invoke(cli, ['list', '-srv'])
@@ -62,43 +71,43 @@ def test_cli_setup_authority():
 
 
     # Test CA certificate fetch
-    r = requests.get("http://localhost:8080/api/certificate")
+    r = client().simulate_get("/api/certificate")
     assert r.status_code == 200
     assert r.headers.get('content-type') == "application/x-x509-ca-cert"
 
 
     # Test signed certificate API call
-    r = requests.get("http://localhost:8080/api/signed/test2")
+    r = client().simulate_get("/api/signed/test2")
     assert r.status_code == 200
     assert r.headers.get('content-type') == "application/x-pem-file"
 
-    r = requests.get("http://localhost:8080/api/signed/test2", headers={"Accept":"application/json"})
+    r = client().simulate_get("/api/signed/test2", headers={"Accept":"application/json"})
     assert r.status_code == 200
     assert r.headers.get('content-type') == "application/json"
 
 
     # Test revocations API call
-    r = requests.get("http://localhost:8080/api/revoked")
+    r = client().simulate_get("/api/revoked")
     assert r.status_code == 200
     assert r.headers.get('content-type') == "application/x-pkcs7-crl"
 
-    r = requests.get("http://localhost:8080/api/revoked",
+    r = client().simulate_get("/api/revoked",
         headers={"Accept":"application/x-pem-file"})
     assert r.status_code == 200
     assert r.headers.get('content-type') == "application/x-pem-file"
 
     # Test attribute fetching API call
-    r = requests.get("http://localhost:8080/api/signed/test2/attr/")
+    r = client().simulate_get("/api/signed/test2/attr/")
     assert r.status_code == 403
 
     path, _, _ = authority.get_signed("test2")
     setxattr(path, "user.lease.address", b"127.0.0.1")
 
-    r = requests.get("http://localhost:8080/api/signed/test2/attr/")
+    r = client().simulate_get("/api/signed/test2/attr/")
     assert r.status_code == 200
 
     # Tags should not be visible anonymously
-    r = requests.get("http://localhost:8080/api/signed/test2/tag/")
+    r = client().simulate_get("/api/signed/test2/tag/")
     assert r.status_code == 401
 
 
@@ -108,3 +117,6 @@ def test_cli_setup_authority():
 
     result = runner.invoke(cli, ['revoke', 'test3'])
     assert not result.exception
+
+
+