diff --git a/arduino/libraries/WiFi/src/WiFiSSLClient.cpp b/arduino/libraries/WiFi/src/WiFiSSLClient.cpp
index 26b94c1..efba07d 100644
--- a/arduino/libraries/WiFi/src/WiFiSSLClient.cpp
+++ b/arduino/libraries/WiFi/src/WiFiSSLClient.cpp
@@ -74,7 +74,6 @@ int WiFiSSLClient::connect(const char* host, uint16_t port, const char* client_c
 mbedtls_ctr_drbg_init(&_ctrDrbgContext);
 mbedtls_ssl_config_init(&_sslConfig);
- mbedtls_net_init(&_netContext);
 ets_printf("*** connect inited\n");
@@ -113,7 +112,6 @@ int WiFiSSLClient::connect(const char* host, uint16_t port, const char* client_c
 mbedtls_x509_crt_init(&_caCrt);
 mbedtls_ssl_conf_authmode(&_sslConfig, MBEDTLS_SSL_VERIFY_REQUIRED);
- ets_printf("\n***Free internal heap before certs_data %u\n", heap_caps_get_free_size(MALLOC_CAP_8BIT));
 // setting up CA certificates from partition
 spi_flash_mmap_handle_t handle;
 const unsigned char* certs_data = {};
@@ -142,7 +140,6 @@ int WiFiSSLClient::connect(const char* host, uint16_t port, const char* client_c
 stop();
 return 0;
 }
- ets_printf("***Free internal heap after certs_data %u\n", heap_caps_get_free_size(MALLOC_CAP_8BIT));
 ets_printf("*** check for client_cert and client_key\n");
 if (client_cert != NULL && client_key != NULL) {
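Review bot: Removing `mbedtls_net_init(&_netContext)` in the @@ -74 hunk leaves `_netContext` holding whatever the constructor or a previous connection left in it, while the @@ -211 and @@ -246 hunks still pass it to `mbedtls_ssl_set_bio` and `mbedtls_net_set_nonblock`. Unless code outside this diff (the constructor, or an `mbedtls_net_connect` that runs before those uses) sets its `fd`, an error path that reaches `stop()` and frees the context would operate on an indeterminate descriptor. If the init was dropped because `stop()` already handles the context, a one-line comment at the removal site would record that, e.g. `// _netContext is initialized/freed in <where> — do not re-init here`. The body of `connect` begins before and continues after this hunk.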
@@ -150,22 +147,19 @@ int WiFiSSLClient::connect(const char* host, uint16_t port, const char* client_c
 mbedtls_pk_init(&_clientKey);
 ets_printf("*** Loading client certificate.\n");
- ets_printf("Client Certificate: %s\n", _clientCrt);
 // note: +1 added for line ending
 ret = mbedtls_x509_crt_parse(&_clientCrt, (const unsigned char *)client_cert, strlen(client_cert) + 1);
 if (ret != 0) {
- ets_printf("ERROR: Client cert not parsed, %d\n", ret);
- ets_printf("Cert: \n %s", &_clientCrt);
+ ets_printf("ERROR: Client cert not parsed properly(%d)\n", ret);
 stop();
 return 0;
 }
 ets_printf("*** Loading private key.\n");
- ets_printf("Private Key: %s\n", &_clientKey);
 ret = mbedtls_pk_parse_key(&_clientKey, (const unsigned char *)client_key, strlen(client_key)+1, NULL, 0);
 if (ret != 0) {
- ets_printf("ERROR: Private key not parsed properly: %d\n", ret);
+ ets_printf("ERROR: Private key not parsed properly:(%d)\n", ret);
 stop();
 return 0;
 }
@@ -175,7 +169,7 @@ int WiFiSSLClient::connect(const char* host, uint16_t port, const char* client_c
 if (ret == -0x7f00) {
 ets_printf("ERROR: Memory allocation failed, MBEDTLS_ERR_SSL_ALLOC_FAILED");
 }
- ets_printf("Private key not parsed properly: %d\n", ret);
+ ets_printf("Private key not parsed properly(%d)\n", ret);
 stop();
 return 0;
 }
@@ -191,7 +185,7 @@ int WiFiSSLClient::connect(const char* host, uint16_t port, const char* client_c
 if ((ret = mbedtls_ssl_setup(&_sslContext, &_sslConfig)) != 0) {
 if (ret == -0x7f00){
 ets_printf("%s", &_clientCrt);
- ets_printf("MBEDTLS_ERR_SSL_ALLOC_FAILED\n");
+ ets_printf("Memory allocation failed (MBEDTLS_ERR_SSL_ALLOC_FAILED)\n");
 ets_printf("Free internal heap: %u\n", heap_caps_get_free_size(MALLOC_CAP_8BIT));
 }
 ets_printf("Unable to connect ssl setup %d\n", ret);
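Review bot: The two rewritten error messages in the @@ -150 hunk, and the third in the @@ -175 hunk, format the return code three different ways: `properly(%d)`, `properly:(%d)` and `properly(%d)` again. Since these strings are what a user greps for when a handshake fails, pick one form for all three, e.g. `ets_printf("ERROR: Private key not parsed properly (%d)\n", ret);`. The enclosing `connect` body starts before and ends after this hunk.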
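Review bot: The comparison `if (ret == -0x7f00)` in the @@ -175 hunk (and again in the @@ -191 hunk) tests a bare magic number while the adjacent message already names the constant it stands for; comparing against the mbed TLS macro is self-documenting and survives a library update, `if (ret == MBEDTLS_ERR_SSL_ALLOC_FAILED) {`. The message on the next line, `"ERROR: Memory allocation failed, MBEDTLS_ERR_SSL_ALLOC_FAILED"`, is also the only one in the function without a trailing `\n`, so it runs into the following line of output.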
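Review bot: `ets_printf("%s", &_clientCrt);` in the @@ -191 hunk passes the address of an `mbedtls_x509_crt` struct to `%s`, so the call reads the struct's raw bytes (and whatever follows them) as a C string until it meets a NUL; it is undefined behavior and dumps arbitrary memory to the log. This is the same misuse the commit removes from the @@ -150 hunk (`ets_printf("Cert: \n %s", &_clientCrt)` and the `&_clientKey` print), so this remaining instance should go too. If the intent is to know whether a client certificate was supplied, `ets_printf("client cert supplied: %d\n", client_cert != NULL);` conveys that without touching the struct.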
@@ -211,7 +205,6 @@ int WiFiSSLClient::connect(const char* host, uint16_t port, const char* client_c
 mbedtls_ssl_set_bio(&_sslContext, &_netContext, mbedtls_net_send, mbedtls_net_recv, NULL);
 ets_printf("*** start SSL/TLS handshake...\n");
- ets_printf("Free internal heap after TLS %u\n", heap_caps_get_free_size(MALLOC_CAP_8BIT));
 unsigned long start_handshake = millis();
 // ref: https://tls.mbed.org/api/ssl_8h.html#a4a37e497cd08c896870a42b1b618186e
 while ((ret = mbedtls_ssl_handshake(&_sslContext)) !=0) {
@@ -246,7 +239,7 @@ int WiFiSSLClient::connect(const char* host, uint16_t port, const char* client_c
 mbedtls_net_set_nonblock(&_netContext);
 ets_printf("Free internal heap before cleanup: %u\n", heap_caps_get_free_size(MALLOC_CAP_8BIT));
- // free up the heap
+ // free the heap
 if (certs_data != NULL) {
 mbedtls_x509_crt_free(&_caCrt);
 }
diff --git a/main/CommandHandler.cpp b/main/CommandHandler.cpp
index 0e3f765..9190e28 100644
--- a/main/CommandHandler.cpp
+++ b/main/CommandHandler.cpp
@@ -32,9 +32,11 @@ const char FIRMWARE_VERSION[6] = "1.4.0";
 // Optional, user-defined X.509 certificate
 char CERT_BUF[1300];
+bool setCert = 0;
 // Optional, user-defined RSA private key
 char PK_BUFF[1700];
+bool setPSK = 0;
 /*IPAddress*/uint32_t resolvedHostname;
@@ -554,7 +556,6 @@ int startClientTcp(const uint8_t command[], uint8_t response[])
 if (type == 0x00) {
 int result;
- ets_printf("*** Commandhandler L551, .connect init'd\n");
 if (host[0] != '\0') {
 result = tcpClients[socket].connect(host, port);
 } else {
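Review bot: The new globals `bool setCert = 0;` and `bool setPSK = 0;` in the @@ -32 hunk of CommandHandler.cpp initialize a `bool` with an integer and give the private-key flag a name that means something else in TLS (PSK is mbed TLS's pre-shared-key mode, unrelated to `PK_BUFF`); `bool setCert = false;` and a name such as `setClientKey` would read correctly. Neither flag documents its contract, so a comment above each would help, e.g. `// set by setClientCert()/setCertKey(); read by startClientTcp() when a TLS client connects` (the consumer is visible in the @@ -598 hunk). Nothing in this diff ever clears either flag, so once set they appear to stay set for the life of the firmware.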
@@ -598,10 +599,17 @@ int startClientTcp(const uint8_t command[], uint8_t response[])
 }
 } else if (type == 0x02) {
 int result;
- ets_printf("*** Commandhandler 595, .connect init'd\n");
 if (host[0] != '\0') {
+ if (setCert && setPSK) {
+ tlsClients[socket].setCertificate(CERT_BUF);
+ tlsClients[socket].setPrivateKey(PK_BUFF);
+ }
 result = tlsClients[socket].connect(host, port);
 } else {
+ if (setCert && setPSK) {
+ tlsClients[socket].setCertificate(CERT_BUF);
+ tlsClients[socket].setPrivateKey(PK_BUFF);
+ }
 result = tlsClients[socket].connect(ip, port);
 }
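Review bot: The four-line `if (setCert && setPSK) { … }` block is pasted verbatim into both the hostname and the IP branch of the `type == 0x02` path; it does not depend on which `connect` overload follows, so hoist the one copy above `if (host[0] != '\0') {` and delete the second. Because the guard reads two process-wide flags that nothing in this diff resets, every TLS socket opened after a single `setClientCert`/`setCertKey` pair will presumably present the same stored credentials; if that is intended, a comment at the hoisted block should say so, and if not, the flags need clearing after use. The enclosing `startClientTcp` continues outside this hunk.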
@@ -1057,42 +1065,31 @@ int wpa2EntEnable(const uint8_t command[], uint8_t response[]) { int setClientCert(const uint8_t command[], uint8_t response[]){ ets_printf("*** Called setClientCert\n"); - ets_printf("\nFree internal heap: %u\n", heap_caps_get_free_size(MALLOC_CAP_8BIT)); memset(CERT_BUF, 0x00, sizeof(CERT_BUF)); memcpy(CERT_BUF, &command[4], sizeof(CERT_BUF)); - ets_printf("\nCertificate Data (from CircuitPython): \n %s", CERT_BUF); - // TODO: add statement for allocation failing. - ets_printf("\nFree internal heap: %u\n", heap_caps_get_free_size(MALLOC_CAP_8BIT)); - - tlsClients[0].setCertificate(CERT_BUF); - ets_printf("\nFree internal heap: %u\n", heap_caps_get_free_size(MALLOC_CAP_8BIT)); - - response[2] = 1; // number of parameters response[3] = 1; // parameter 1 length response[4] = 1; + setCert = 1; + return 6; } int setCertKey(const uint8_t command[], uint8_t response[]){ ets_printf("*** Called setCertKey\n"); - ets_printf("\nFree internal heap: %u\n", heap_caps_get_free_size(MALLOC_CAP_8BIT)); - ets_printf("\nCertificate Data (from CircuitPython): \n %s", PK_BUFF); memset(PK_BUFF, 0x00, sizeof(PK_BUFF)); memcpy(PK_BUFF, &command[4], sizeof(PK_BUFF)); - tlsClients[0].setPrivateKey(PK_BUFF); - - ets_printf("\nFree internal heap: %u\n", heap_caps_get_free_size(MALLOC_CAP_8BIT)); - response[2] = 1; // number of parameters response[3] = 1; // parameter 1 length response[4] = 1; + setPSK = 1; + return 6; }
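Review bot: `memcpy(CERT_BUF, &command[4], sizeof(CERT_BUF));` and `memcpy(PK_BUFF, &command[4], sizeof(PK_BUFF));` copy a fixed 1300 and 1700 bytes out of `command` regardless of how long the supplied parameter actually is, and when the payload fills the buffer the terminator written by the preceding `memset` is overwritten, so the `strlen(client_cert) + 1` / `strlen(client_key)+1` calls in `WiFiSSLClient::connect` (@@ -150 hunk) can run past the buffer. Copying at most `sizeof(CERT_BUF) - 1` bytes preserves the terminator, and if the command frame carries a parameter length (the response side uses one at `response[3]`) the copy should be bounded by `min(that length, sizeof(CERT_BUF) - 1)` rather than by the destination size alone; the same applies to `PK_BUFF`. The fixed-size read also assumes `command` is at least 4 + 1700 bytes long, which this hunk cannot confirm. `setCert = 1;` and `setPSK = 1;` assign integers to `bool`s; `= true` matches the declared type.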