diff --git a/Makefile b/Makefile
index 45017d0..7ac3f29 100644
--- a/Makefile
+++ b/Makefile
@@ -1,14 +1,15 @@
 
 .PHONY: test examples clean test_full pebble pebble_setup pebble_start pebble_wait pebble_stop boulder boulder_setup boulder_start boulder_stop
 
-
+# some variables for path injection, if already set will not override
 GOPATH ?= $(HOME)/go
 BOULDER_PATH ?= $(GOPATH)/src/github.com/letsencrypt/boulder
 PEBBLE_PATH ?= $(GOPATH)/src/github.com/letsencrypt/pebble
 TEST_PATH ?= github.com/eggsampler/acme/v3
 
 
-# tests the code against a running ca instance
+# tests the code against an already running ca instance
+# to actually do a test against pebble or boulder, including , see the 'pebble' or 'boulder' targets
 test:
 	-go clean -testcache
 	go test -v -race -coverprofile=coverage.out -covermode=atomic $(TEST_PATH)
@@ -24,6 +25,7 @@ clean:
 test_full: clean examples pebble pebble_stop boulder boulder_stop
 
 
+# sets up & runs pebble (in docker), tests, then stops pebble
 pebble: pebble_setup pebble_start pebble_wait test pebble_stop
 
 pebble_setup:
@@ -45,6 +47,7 @@ pebble_stop:
 	docker-compose -f $(PEBBLE_PATH)/docker-compose.yml down
 
 
+# sets up & runs boulder (in docker), tests, then stops boulder
 boulder: boulder_setup boulder_start boulder_wait test boulder_stop
 
 # NB: this edits docker-compose.yml
@@ -53,7 +56,6 @@ boulder_setup:
 	-git clone --depth 1 https://github.com/letsencrypt/boulder.git $(BOULDER_PATH)
 	(cd $(BOULDER_PATH); git checkout -f main && git reset --hard HEAD && git pull -q)
 	make boulder_stop
-	rm -rf $(BOULDER_PATH)/temp
 
 # runs an instance of boulder
 boulder_start:
diff --git a/docker-compose.boulder-temp.yml b/docker-compose.boulder-temp.yml
index 34f0abf..8455b23 100644
--- a/docker-compose.boulder-temp.yml
+++ b/docker-compose.boulder-temp.yml
@@ -1,5 +1,5 @@
 version: '3'
 services:
   boulder:
-    volumes:
-      - ./temp:/tmp
+    ports:
+      - "8055:8055"
\ No newline at end of file
diff --git a/utility_test.go b/utility_test.go
index 8b25a75..dc8dc72 100644
--- a/utility_test.go
+++ b/utility_test.go
@@ -348,8 +348,10 @@ func fetchRoot() []byte {
 	var certsPem []string
 
 	boulderPath := getPath("BOULDER_PATH", "boulder")
-	certPaths = append(certPaths, filepath.Join(boulderPath, "temp", "root-cert-ecdsa.pem"))
-	certPaths = append(certPaths, filepath.Join(boulderPath, "temp", "root-cert-rsa.pem"))
+	certPaths = append(certPaths, filepath.Join(boulderPath, ".hierarchy", "root-cert-ecdsa.pem"))
+	certPaths = append(certPaths, filepath.Join(boulderPath, ".hierarchy", "root-cert-rsa.pem"))
+
+	certPaths = append(certPaths, filepath.Join(boulderPath, "test", "wfe-tls", "minica.pem"))
 
 	pebblePath := getPath("PEBBLE_PATH", "pebble")
 	// these certs are the ones used for the web server, not signing
@@ -362,7 +364,7 @@ func fetchRoot() []byte {
 			log.Printf("error reading: %s", v)
 			continue
 		}
-		certsPem = append(certsPem, strings.TrimSpace(string(bPem)))
+		certsPem = append(certsPem, "# "+v+"\n"+strings.TrimSpace(string(bPem)))
 	}
 
 	tr := &http.Transport{