diff --git a/Godeps/_workspace/src/github.com/miekg/dns/fuzz_test.go b/Godeps/_workspace/src/github.com/miekg/dns/fuzz_test.go
new file mode 100644
index 000000000..255869730
--- /dev/null
+++ b/Godeps/_workspace/src/github.com/miekg/dns/fuzz_test.go
@@ -0,0 +1,25 @@
+package dns
+
+import "testing"
+
+func TestFuzzString(t *testing.T) {
+	testcases := []string{"", " MINFO ", "	RP ", "	NSEC 0 0", "	\" NSEC 0 0\"", "  \" MINFO \"",
+		";a ", ";a����������",
+		"	NSAP O ", "  NSAP N ",
+		" TYPE4 TYPE6a789a3bc0045c8a5fb42c7d1bd998f5444 IN 9579b47d46817afbd17273e6",
+		" TYPE45 3 3 4147994 TYPE\\(\\)\\)\\(\\)\\(\\(\\)\\(\\)\\)\\)\\(\\)\\(\\)\\(\\(\\R 948\"\")\\(\\)\\)\\)\\(\\ ",
+		"$GENERATE 0-3 ${441189,5039418474430,o}",
+		"$INCLUDE 00 TYPE00000000000n ",
+		"$INCLUDE PE4 TYPE061463623/727071511 \\(\\)\\$GENERATE 6-462/0",
+	}
+	for i, tc := range testcases {
+		rr, err := NewRR(tc)
+		if err == nil {
+			// rr can be nil because we can (for instance) just parse a comment
+			if rr == nil {
+				continue
+			}
+			t.Fatalf("parsed mailformed RR %d: %s", i, rr.String())
+		}
+	}
+}
diff --git a/ca/certificate-authority-data.go b/ca/certificate-authority-data.go
index 9270c81b7..23225db47 100644
--- a/ca/certificate-authority-data.go
+++ b/ca/certificate-authority-data.go
@@ -84,7 +84,12 @@ func (cadb *CertificateAuthorityDatabaseImpl) IncrementAndGetSerial(tx *gorp.Tra
 		return
 	}
 
-	row := rowObj.(*SerialNumber)
+	row, ok := rowObj.(*SerialNumber)
+	if !ok {
+		err = fmt.Errorf("No serial number found. This is a serious issue")
+		return
+	}
+
 	val = row.Number
 	row.Number = val + 1
 
diff --git a/cmd/external-cert-importer/main.go b/cmd/external-cert-importer/main.go
index 0371fc36d..790e48831 100644
--- a/cmd/external-cert-importer/main.go
+++ b/cmd/external-cert-importer/main.go
@@ -159,7 +159,7 @@ func main() {
 		blog.SetAuditLogger(auditlogger)
 
 		// Configure DB
-		dbMap, err := sa.NewDbMap(c.Common.PolicyDB.Driver, c.Common.PolicyDB.Name)
+		dbMap, err := sa.NewDbMap(c.PA.DBDriver, c.PA.DBConnect)
 		cmd.FailOnError(err, "Could not connect to database")
 
 		dbMap.AddTableWithName(core.ExternalCert{}, "externalCerts").SetKeys(false, "SHA1")
diff --git a/cmd/shell.go b/cmd/shell.go
index e27f5fb9e..202dbdac6 100644
--- a/cmd/shell.go
+++ b/cmd/shell.go
@@ -170,6 +170,11 @@ type Config struct {
 		StatsdRate                 float32
 	}
 
+	PA struct {
+		DBDriver  string
+		DBConnect string
+	}
+
 	Common struct {
 		BaseURL string
 		// Path to a PEM-encoded copy of the issuer certificate.
diff --git a/sa/database.go b/sa/database.go
index 193826e3c..732bd411d 100644
--- a/sa/database.go
+++ b/sa/database.go
@@ -96,11 +96,8 @@ func recombineURLForDB(dbConnect string) (string, error) {
 		return "", err
 	}
 
-	// Check the parseTime=true DSN is present
-	if k := dsnVals.Get("parseTime"); k != "true" {
-		dsnVals.Set("parseTime", "true")
-		dbURL.RawQuery = dsnVals.Encode()
-	}
+	dsnVals.Set("parseTime", "true")
+
 	user := dbURL.User.Username()
 	passwd, hasPass := dbURL.User.Password()
 	dbConn := ""
diff --git a/test/boulder-config.json b/test/boulder-config.json
index 83f90ba04..7466119bd 100644
--- a/test/boulder-config.json
+++ b/test/boulder-config.json
@@ -49,7 +49,7 @@
     "serialPrefix": 255,
     "profile": "ee",
     "dbDriver": "mysql",
-    "dbConnect": "mysql+tcp://boulder@localhost:3306/boulder_test?parseTime=true",
+    "dbConnect": "mysql+tcp://boulder@localhost:3306/boulder_test",
     "debugAddr": "localhost:8001",
     "testMode": true,
     "_comment": "This should only be present in testMode. In prod use an HSM.",
@@ -116,7 +116,7 @@
 
   "sa": {
     "dbDriver": "mysql",
-    "dbConnect": "mysql+tcp://boulder@localhost:3306/boulder_test?parseTime=true",
+    "dbConnect": "mysql+tcp://boulder@localhost:3306/boulder_test",
     "debugAddr": "localhost:8003"
   },
 
@@ -132,12 +132,12 @@
 
   "revoker": {
     "dbDriver": "mysql",
-    "dbConnect": "mysql+tcp://boulder@localhost:3306/boulder_test?parseTime=true"
+    "dbConnect": "mysql+tcp://boulder@localhost:3306/boulder_test"
   },
 
   "ocspResponder": {
     "dbDriver": "mysql",
-    "dbConnect": "mysql+tcp://boulder@localhost:3306/boulder_test?parseTime=true",
+    "dbConnect": "mysql+tcp://boulder@localhost:3306/boulder_test",
     "path": "/",
     "listenAddress": "localhost:4001",
     "debugAddr": "localhost:8005"
@@ -145,7 +145,7 @@
 
   "ocspUpdater": {
     "dbDriver": "mysql",
-    "dbConnect": "mysql+tcp://boulder@localhost:3306/boulder_test?parseTime=true",
+    "dbConnect": "mysql+tcp://boulder@localhost:3306/boulder_test",
     "minTimeToExpiry": "72h",
     "debugAddr": "localhost:8006"
   },
@@ -160,7 +160,7 @@
     "username": "cert-master@example.com",
     "password": "password",
     "dbDriver": "mysql",
-    "dbConnect": "mysql+tcp://boulder@localhost:3306/boulder_test?parseTime=true",
+    "dbConnect": "mysql+tcp://boulder@localhost:3306/boulder_test",
     "messageLimit": 0,
     "nagTimes": ["24h", "72h", "168h", "336h"],
     "emailTemplate": "test/example-expiration-template",