diff --git a/getssl b/getssl
index 2257349..b714129 100755
--- a/getssl
+++ b/getssl
@@ -1094,7 +1094,7 @@ find_dns_utils() {
     if [[ -n "$(command -v drill 2>/dev/null)" ]]; then
         debug "HAS DIG_OR_DRILL=drill"
         HAS_DIG_OR_DRILL="drill"
-    elif [[ -n "$(command -v dig 2>/dev/null)" ]]; then
+    elif [[ -n "$(command -v dig 2>/dev/null)" ]] && dig >/dev/null 2>&1; then
         debug "HAS DIG_OR_DRILL=dig"
         HAS_DIG_OR_DRILL="dig"
     fi
diff --git a/test/30-handle-dig-failure.bats b/test/30-handle-dig-failure.bats
new file mode 100644
index 0000000..7ebd2c3
--- /dev/null
+++ b/test/30-handle-dig-failure.bats
@@ -0,0 +1,44 @@
+#! /usr/bin/env bats
+
+load '/bats-support/load.bash'
+load '/bats-assert/load.bash'
+load '/getssl/test/test_helper.bash'
+
+
+# This is run for every test
+setup() {
+    export CURL_CA_BUNDLE=/root/pebble-ca-bundle.crt
+    if [ -f /usr/bin/drill ]; then
+        mv /usr/bin/drill /usr/bin/drill.getssl.bak
+    fi
+    if [ -f /usr/bin/dig ]; then
+        chmod +x /usr/bin/dig
+    fi
+}
+
+
+teardown() {
+    if [ -f /usr/bin/drill.getssl.bak ]; then
+        mv /usr/bin/drill.getssl.bak /usr/bin/drill
+    fi
+    if [ -f /usr/bin/dig ]; then
+        chmod -x /usr/bin/dig
+    fi
+}
+
+
+@test "Test that if dig exists but errors HAS_DIG is not set" {
+    if [ -n "$STAGING" ]; then
+        skip "Using staging server, skipping internal test"
+    fi
+    if [ ! -f /usr/bin/dig ]; then
+        skip "dig not installed, skipping dig test"
+    fi
+    CONFIG_FILE="getssl-http01.cfg"
+    setup_environment
+    init_getssl
+    create_certificate -d
+    assert_success
+    refute_line --partial "HAS DIG_OR_DRILL=dig"
+    check_output_for_errors "debug"
+}