diff --git a/compose.test.yaml b/compose.test.yaml
index 57e3a3f..5f49e37 100644
--- a/compose.test.yaml
+++ b/compose.test.yaml
@@ -10,19 +10,18 @@ services:
       - ./test:/test
       - /dev:/dev
     working_dir: /ta/example
-    command: bash -c 'mount -o remount,exec /dev && ego-go build -buildvcs=false -trimpath=true && ego sign example && source /test/issue_service.sh && sleep 10 && ego run example'
+    command: bash -c 'mount -o remount,exec /dev && ego-go build -buildvcs=false -trimpath=true && ego sign example && source /test/issue_service.sh && ego run example'
     privileged: true
     environment:
       - OE_SIMULATION=0
     env_file:
       - test/env/ta.env
       - test/env/common.env
-    restart: unless-stopped
+    profiles:
+      - ta
 
   verifier:
     build: ./docker
-    ports:
-      - "10.0.0.5:443:443"
     volumes:
       - ./verifier:/verifier
       - ./core:/core
@@ -34,3 +33,14 @@ services:
       - test/env/common.env
     privileged: true
     tty: true
+    profiles:
+      - verifier
+
+  tunnel:
+    restart: unless-stopped
+    image: cloudflare/cloudflared
+    command: tunnel --url http://verifier:8080 
+    env_file:
+      - test/env/tunnel.env
+    profiles:
+      - verifier
diff --git a/ta/example/main.go b/ta/example/main.go
index 085a192..e6bbabf 100644
--- a/ta/example/main.go
+++ b/ta/example/main.go
@@ -54,5 +54,7 @@ func main() {
 	}
 
 	http.HandleFunc("/", handler)
-	server.ListenAndServeTLS("", "")
+
+	err = server.ListenAndServeTLS("", "")
+	panic(err)
 }
diff --git a/verifier/serv/main.go b/verifier/serv/main.go
index b5e7cb8..e81ef16 100644
--- a/verifier/serv/main.go
+++ b/verifier/serv/main.go
@@ -1,21 +1,16 @@
 package main
 
 import (
-	"crypto/tls"
 	"embed"
 	"fmt"
 	"html/template"
 	"io"
-	"net/http"
-	"os"
 
 	"github.com/akakou/ra_webs/verifier"
 	"github.com/akakou/ra_webs/verifier/api"
 	"github.com/akakou/ra_webs/verifier/notifier"
 	"github.com/labstack/echo/v4"
 	"github.com/labstack/echo/v4/middleware"
-	"golang.org/x/crypto/acme"
-	"golang.org/x/crypto/acme/autocert"
 )
 
 //go:embed views/*/*.html
@@ -42,13 +37,6 @@ func InjectSWHeader(next echo.HandlerFunc) echo.HandlerFunc {
 }
 
 func main() {
-	verifierHost := os.Getenv("RA_WEBS_VERIFIER_HOST")
-
-	autoTLSManager := autocert.Manager{
-		Prompt: autocert.AcceptTOS,
-		Cache:  autocert.DirCache("/var/www/.cache"),
-	}
-
 	e := echo.New()
 	verifier, err := verifier.DefaultVerifier()
 	if err != nil {
@@ -74,19 +62,9 @@ func main() {
 
 	fmt.Printf("public: %v\nprivate: %v", verifier.Notifier.(*notifier.BrowserNotifier).VapidPublicKey, verifier.Notifier.(*notifier.BrowserNotifier).VapidPrivateKey)
 
-	s := http.Server{
-		Addr:    verifierHost + ":443",
-		Handler: e,
-		TLSConfig: &tls.Config{
-			GetCertificate: autoTLSManager.GetCertificate,
-			NextProtos:     []string{acme.ALPNProto},
-		},
-	}
-
 	go verifier.Monitor.Run(verifier)
 	// fmt.Printf("public: %v\nprivate: %v", verifier.Notifier.(*notifier.BrowserNotifier).VapidPublicKey, verifier.Notifier.(*notifier.BrowserNotifier).VapidPrivateKey)
 
-	if err := s.ListenAndServeTLS("", ""); err != http.ErrServerClosed {
-		e.Logger.Fatal(err)
-	}
+	e.Logger.Fatal(e.Start(":8080"))
 }
+