diff --git a/getssl b/getssl
index bfd5a4e..e364f51 100755
--- a/getssl
+++ b/getssl
@@ -52,7 +52,7 @@ PRIVATE_KEY_ALG="rsa"
SERVER_TYPE="webserver"
_USE_DEBUG=0
_CREATE_CONFIG=0
-_RENEW_ALL=0
+_CHECK_ALL=0
_FORCE_RENEW=0
clean_up() { # Perform pre-exit housekeeping
@@ -338,8 +338,8 @@ help_message() {
-h, --help Display this help message and exit
-d, --debug Outputs debug information
-c, --create Create default config files
- -f, --force Fore renewal of cert (overrides expiry checks)
- -a, --all Renew all certificates
+ -f, --force Force renewal of cert (overrides expiry checks)
+ -a, --all Check all certificates
-w working_dir Working directory
_EOF_
@@ -362,7 +362,7 @@ while [[ -n $1 ]]; do
-f | --force)
_FORCE_RENEW=1 ;;
-a | --all)
- _RENEW_ALL=1 ;;
+ _CHECK_ALL=1 ;;
-w)
shift; WORKING_DIR="$1" ;;
-* | --*)
@@ -384,8 +384,8 @@ _requires xxd
_requires base64
_requires nslookup
-if [ ${_RENEW_ALL} -eq 1 ]; then
- info "Renew all certificates"
+if [ ${_CHECK_ALL} -eq 1 ]; then
+ info "Check all certificates"
if [ ${_CREATE_CONFIG} -eq 1 ]; then
error_exit "cannot combine -c|--create with -a|--all"
@@ -398,16 +398,15 @@ if [ ${_RENEW_ALL} -eq 1 ]; then
if [ ! -d "$WORKING_DIR" ]; then
error_exit "working dir not found or not set - $WORKING_DIR"
fi
-
- for dir in $(ls "$WORKING_DIR"); do
- if [ -d "$WORKING_DIR/$dir" ]; then
- info "Renewing $dir"
+ for dir in ${WORKING_DIR}/*; do
+ if [ -d "$dir" ]; then
+ debug "Checking $dir"
cmd="$0 -w '$WORKING_DIR'"
if [ ${_USE_DEBUG} -eq 1 ]; then
cmd="$cmd -d"
fi
- cmd="$cmd $dir"
+ cmd="$cmd $(basename $dir)"
debug "CMD: $cmd"
eval "$cmd"
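Review bot: `for dir in ${WORKING_DIR}/*; do` leaves the expansion unquoted, so a working directory whose path contains spaces or glob characters is word-split before the `*` is matched, and the new `cmd="$cmd $(basename $dir)"` line has the same unquoted `$dir`. More importantly, that basename is spliced into a string which the following `eval "$cmd"` re-parses, so a directory name containing shell syntax is executed by the parent instead of being passed to the child as a single argument. Building the command as an array and running it directly removes the eval and both quoting gaps at once, and `${dir##*/}` saves the `basename` fork. The `-a|--all` block this loop belongs to continues past the end of the hunk.
```shell
for dir in "${WORKING_DIR}"/*; do
  if [ -d "$dir" ]; then
    debug "Checking $dir"
    cmd=("$0" -w "$WORKING_DIR")
    if [ "${_USE_DEBUG}" -eq 1 ]; then
      cmd+=(-d)
    fi
    cmd+=("${dir##*/}")
    debug "CMD: ${cmd[*]}"
    "${cmd[@]}"
```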
@@ -495,7 +494,7 @@ fi # if it's a webserver, connect and obtain the certificate
if [[ "${SERVER_TYPE}" == "webserver" ]] && [ $_FORCE_RENEW -eq 0 ]; then
- info "getting certificate for $DOMAIN from webserver"
+ debug "getting certificate for $DOMAIN from webserver"
EX_CERT=$(echo | openssl s_client -servername ${DOMAIN} -connect ${DOMAIN}:443 2>/dev/null | openssl x509 2>/dev/null)
if [ ! -z "$EX_CERT" ]; then # if obtained a cert
if [ -f "$CERT_FILE" ]; then #if local exists
@@ -532,7 +531,7 @@ if [[ "${SERVER_TYPE}" == "webserver" ]] && [ $_FORCE_RENEW -eq 0 ]; then
fi
fi
else # local cert doesn't exist"
- info "local certificate doesn't exist, saving a copy from remote"
+ debug "local certificate doesn't exist, saving a copy from remote"
echo "$EX_CERT" > "$DOMAIN_DIR/${DOMAIN}.crt"
fi
else
@@ -548,10 +547,12 @@ fi
if [ -f "$CERT_FILE" ]; then
debug "certificate $CERT_FILE exists"
enddate=$(openssl x509 -in $CERT_FILE -noout -enddate 2>/dev/null| cut -d= -f 2-)
+ debug "enddate is $enddate"
if [[ "$enddate" != "-" ]]; then
if [[ $(date -d "${RENEW_ALLOW} days" +%s) -lt $(date -d "$enddate" +%s) ]]; then
- error_exit "existing certificate ( $CERT_FILE ) is still valid for more than $RENEW_ALLOW days - aborting"
+ error_exit "certificate for $DOMAIN is still valid for more than $RENEW_ALLOW days"
else
+ debug "certificate for $DOMAIN needs renewal"
cert_archive "${CERT_FILE}"
fi
fi
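Review bot: The reworded `error_exit` in the still-valid branch of the `@@ -548` hunk drops the `( $CERT_FILE )` path the old message carried, which is the one detail that tells an operator which file was examined; keep it, e.g. `error_exit "certificate for $DOMAIN ( $CERT_FILE ) is still valid for more than $RENEW_ALLOW days"`. With `--all` now iterating every domain, a still-valid certificate is the expected result for most of them, yet it is still routed through `error_exit`, which presumably exits non-zero (it is defined outside this hunk), so every healthy domain will read as a failure in a check-all run; an `info` message followed by a normal exit seems to match the new semantics better. The added `debug "enddate is $enddate"` is useful, but `$enddate` is the raw `cut` output, so an empty value from a failed `openssl x509` still passes the `!= "-"` test and reaches `date -d ""`; a `[[ -n "$enddate" ]]` guard alongside the debug line would make that path explicit. The enclosing `if [ -f "$CERT_FILE" ]` closes after the hunk.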