diff --git a/src/server/AuthorizationManager.cpp b/src/server/AuthorizationManager.cpp
index 7c32ea2..e8482c4 100644
--- a/src/server/AuthorizationManager.cpp
+++ b/src/server/AuthorizationManager.cpp
@@ -128,14 +128,14 @@ void AuthorizationManager::ListCertificates(QString token, QJsonObject *out){
 }
 
 void AuthorizationManager::ListCertificateChecksums(QJsonObject *out){
- QStringList keys; //Format: "RegisteredCerts/<user>/<key>"
+ QStringList keys; //Format: "RegisteredCerts/<user>/<key>" (value is full text)
     //Read all user's certs (since we only need checksums)
     keys = CONFIG->allKeys().filter("RegisteredCerts/");
   keys.sort();
   QJsonArray arr;
   QCryptographicHash chash(QCryptographicHash::Md5);
   for(int i=0; i<keys.length(); i++){
-    chash.addData( CONFIG->value(keys[i]).toString().toLocal8Bit() );
+    chash.addData( keys[i].section("/",2,-1).toLocal8Bit() );
     QByteArray res = chash.result();
     chash.reset();
     arr << QString(res);
diff --git a/src/server/WebSocket.cpp b/src/server/WebSocket.cpp
index 27396b2..7874682 100644
--- a/src/server/WebSocket.cpp
+++ b/src/server/WebSocket.cpp
@@ -131,7 +131,7 @@ void WebSocket::EvaluateREST(QString msg){
 }
 
 void WebSocket::EvaluateRequest(const RestInputStruct &REQ){
-  //qDebug() << "Evaluate Request:" << REQ.namesp << REQ.name << REQ.args;
+  qDebug() << "Evaluate Request:" << REQ.namesp << REQ.name << REQ.args;
   RestOutputStruct out;
     out.in_struct = REQ;
   QHostAddress host;
@@ -150,7 +150,7 @@ void WebSocket::EvaluateRequest(const RestInputStruct &REQ){
       AUTHSYSTEM->clearAuth(SockAuthToken); //new auth requested - clear any old token
       SockAuthToken = AUTHSYSTEM->LoginUP(host, out.in_struct.auth.section(":",0,0), out.in_struct.auth.section(":",1,1));
     }
-	  
+  //qDebug() << "Auth Token:" << SockAuthToken;
     //Now check the body of the message and do what it needs
 if(out.in_struct.namesp.toLower() == "rpc"){
   if(out.in_struct.name == "identify"){
@@ -377,19 +377,23 @@ void WebSocket::ParseIncoming(){
   // Check if we have a complete JSON request waiting to be parsed
   QString JsonRequest;
   for ( int i = 0; i<incomingbuffer.size(); i++) {
-    JsonRequest = incomingbuffer;
-    JsonRequest.truncate(i);
-    if ( !QJsonDocument::fromBinaryData(JsonRequest.toLocal8Bit()).isNull() )
+    if(incomingbuffer[i]!='}'){ continue; } //only look for the end of a JSON block
+    JsonRequest = incomingbuffer.left(i+1);
+    //REST requests will have non-JSON at the top - trim that off
+    JsonRequest = "{"+JsonRequest.section("{",1,-1);
+    //JsonRequest.truncate(i);
+    //qDebug() << "Check JSON:" << JsonRequest;
+    if ( !QJsonDocument::fromJson(JsonRequest.toLocal8Bit()).isNull() )
     {
       // We have what looks like a valid JSON request, lets parse it now
       //qDebug() << "TCP Message" << JsonRequest;
-      EvaluateREST(JsonRequest);
+      EvaluateREST(incomingbuffer.left(i+1)); //send the full message
       incomingbuffer.remove(0, i);
       found = true;
       break;
     }
   }
-
+  //if(!found){ qDebug() << "Bad Message:" << incomingbuffer; }
   // If the buffer is larger than 128000 chars and no valid JSON somebody
   // is screwing with us, lets clear the buffer
   if ( ! found && incomingbuffer.size() > 128000 ) {