diff --git a/Dockerfile b/Dockerfile
index d94e0cc9f3..659409d2cb 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -4,6 +4,6 @@ COPY . /go/src/github.com/docker/vetinari
 
 RUN GOPATH=/go/:/go/src/github.com/docker/vetinari/Godeps/_workspace go install github.com/docker/vetinari/cmd/vetinari-server
 
-EXPOSE 4443
+EXPOSE 4444
 
 CMD vetinari-server -config /go/src/github.com/docker/vetinari/cmd/vetinari-server/dev-config.json
diff --git a/cmd/vetinari-server/dev-config.json b/cmd/vetinari-server/dev-config.json
index c8a994af4d..20b56a5316 100644
--- a/cmd/vetinari-server/dev-config.json
+++ b/cmd/vetinari-server/dev-config.json
@@ -1,6 +1,6 @@
 {
 	"server": {
-		"addr": ":4443",
+		"addr": ":4444",
 		"tls_cert_file": "../../fixtures/vetinari.key",
 		"tls_key_file": "../../fixtures/vetinari.pem",
 		"tls_ca_file": "/go/src/github.com/docker/vetinari/fixtures/ca.cert"
diff --git a/docker-compose.yml b/docker-compose.yml
index d041c38d86..161d59ef86 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -4,7 +4,7 @@ vetinari:
    - rufus
   ports:
    - "8080:8080"
-   - "127.0.0.1:4443:4443"
+   - "4444:4444"
 rufus:
   build: ../rufus
   ports:
diff --git a/server/rufus_trust.go b/server/rufus_trust.go
index 4e536df140..119989d673 100644
--- a/server/rufus_trust.go
+++ b/server/rufus_trust.go
@@ -28,8 +28,11 @@ func newRufusSigner(hostname string, port string, tlscafile string) *RufusSigner
 	if err != nil {
 		log.Fatalf("fail to read: %v", err)
 	}
+	log.Println("before dial")
 	opts = append(opts, grpc.WithTransportCredentials(creds))
+	log.Println("after dial")
 	conn, err := grpc.Dial(netAddr, opts...)
+	log.Println("finished dial")
 	if err != nil {
 		log.Fatalf("fail to dial: %v", err)
 	}
diff --git a/server/server.go b/server/server.go
index 401e779800..3ebbe1962f 100644
--- a/server/server.go
+++ b/server/server.go
@@ -25,6 +25,7 @@ func Run(ctx context.Context, conf *config.Configuration) error {
 	if conf.TrustService.Type == "remote" {
 		log.Println("[Vetinari Server] : Using remote signing service")
 		trust = newRufusSigner(conf.TrustService.Hostname, conf.TrustService.Port, conf.Server.TLSCAFile)
+		log.Println("return from RufusSigner")
 	} else {
 		log.Println("[Vetinari Server] : Using local signing service")
 		trust = signed.NewEd25519()
@@ -34,6 +35,7 @@ func Run(ctx context.Context, conf *config.Configuration) error {
 	if err != nil {
 		return err
 	}
+	log.Println("loaded x509")
 
 	tlsConfig := &tls.Config{
 		MinVersion:               tls.VersionTLS12,
@@ -52,14 +54,17 @@ func Run(ctx context.Context, conf *config.Configuration) error {
 		Rand:         rand.Reader,
 	}
 
+	log.Println("resolving tcpaddr")
 	tcpAddr, err := net.ResolveTCPAddr("tcp", conf.Server.Addr)
 	if err != nil {
 		return err
 	}
+	log.Println("setup listen tcp")
 	lsnr, err := net.ListenTCP("tcp", tcpAddr)
 	if err != nil {
 		return err
 	}
+	log.Println("new listener")
 	tlsLsnr := tls.NewListener(lsnr, tlsConfig)
 
 	// This is a basic way to shutdown the running listeners.
@@ -74,6 +79,7 @@ func Run(ctx context.Context, conf *config.Configuration) error {
 	}()
 
 
+	log.Println("roothandlerfactory")
 	hand := utils.RootHandlerFactory(&utils.InsecureAuthorizer{}, utils.NewContext, trust)
 
 	r := mux.NewRouter()
@@ -83,6 +89,7 @@ func Run(ctx context.Context, conf *config.Configuration) error {
 	r.Methods("DELETE").Path("/{imageName}:{tag}").Handler(hand(handlers.RemoveHandler, utils.SSDelete))
 	r.Methods("POST").Path("/{imageName}:{tag}").Handler(hand(handlers.AddHandler, utils.SSUpdate))
 
+	log.Println("server")
 	server := http.Server{
 		Addr:    conf.Server.Addr,
 		Handler: r,