diff --git a/scripts/decrypt-secrets.sh b/scripts/decrypt-secrets.sh
index dda0e163fe9d..6140da66805c 100755
--- a/scripts/decrypt-secrets.sh
+++ b/scripts/decrypt-secrets.sh
@@ -20,6 +20,7 @@ ROOT=$( dirname "$DIR" )
 # Work from the project root.
 cd $ROOT
 
-openssl aes-256-cbc -k "$1" -in testing/secrets.tar.enc -out secrets.tar -d
+openssl aes-256-cbc -k "$1" -md sha256 \
+	-in testing/secrets.tar.enc -out secrets.tar -d
 tar xvf secrets.tar
 rm secrets.tar
diff --git a/scripts/encrypt-secrets.sh b/scripts/encrypt-secrets.sh
index b1d6d9451f1d..cbf0ad201f69 100755
--- a/scripts/encrypt-secrets.sh
+++ b/scripts/encrypt-secrets.sh
@@ -24,7 +24,6 @@ read -s -p "Enter password for encryption: " PASSWORD
 echo
 
 tar cvf secrets.tar testing/{service-account.json,client-secrets.json,test-env.sh}
-openssl aes-256-cbc -k "$PASSWORD" -in secrets.tar -out testing/secrets.tar.enc
+openssl aes-256-cbc -k "$PASSWORD" -md sha256 \
+	-in secrets.tar -out testing/secrets.tar.enc
 rm secrets.tar
-
-travis encrypt "SECRETS_PASSWORD=$PASSWORD" --add --override
diff --git a/storage/cloud-client/README.md b/storage/cloud-client/README.md
new file mode 100644
index 000000000000..3d7e3664f583
--- /dev/null
+++ b/storage/cloud-client/README.md
@@ -0,0 +1,10 @@
+
+For requester_pays_test.py, we need to use a different Storage bucket.
+
+The test looks for an environment variable `REQUESTER_PAYS_TEST_BUCKET`.
+
+Also, the service account for the test needs to have `Billing Project
+Manager` role in order to make changes on buckets with requester pays
+enabled.
+
+We added that role to the test service account.
diff --git a/storage/cloud-client/requester_pays_test.py b/storage/cloud-client/requester_pays_test.py
index 70a4b2002954..f034ad028382 100644
--- a/storage/cloud-client/requester_pays_test.py
+++ b/storage/cloud-client/requester_pays_test.py
@@ -23,7 +23,9 @@
 import storage_download_file_requester_pays
 import storage_get_requester_pays_status
 
-BUCKET = os.environ["CLOUD_STORAGE_BUCKET"]
+
+# We use a different bucket from other tests.
+BUCKET = os.environ["REQUESTER_PAYS_TEST_BUCKET"]
 PROJECT = os.environ["GCLOUD_PROJECT"]
 
 
diff --git a/testing/secrets.tar.enc b/testing/secrets.tar.enc
index d4ceb5f2aefa..1a749dbfcc0d 100644
Binary files a/testing/secrets.tar.enc and b/testing/secrets.tar.enc differ
diff --git a/testing/test-env.tmpl.sh b/testing/test-env.tmpl.sh
index ba6b5008ffa6..080704e859e9 100644
--- a/testing/test-env.tmpl.sh
+++ b/testing/test-env.tmpl.sh
@@ -5,6 +5,7 @@ export GOOGLE_CLOUD_PROJECT=$GCLOUD_PROJECT
 export FIRESTORE_PROJECT=
 
 export CLOUD_STORAGE_BUCKET=$GCLOUD_PROJECT
+export REQUESTER_PAYS_TEST_BUCKET="${CLOUD_STORAGE_BUCKET}-requester-pays-test"
 export API_KEY=
 export BIGTABLE_CLUSTER=bigtable-test
 export BIGTABLE_ZONE=us-central1-c