diff --git a/server-ca/chocolate.py b/server-ca/chocolate.py
index d220c2af1..f87e3c6cd 100755
--- a/server-ca/chocolate.py
+++ b/server-ca/chocolate.py
@@ -116,6 +116,7 @@ class session(object):
     def add_request(self, csr, names):
         sessions.hset(self.id, "csr", csr)
         for name in names: sessions.rpush(self.id + ":names", name)
+        sessions.hset(self.id, "client-addr", web.ctx.ip)
         sessions.hset(self.id, "state", "makechallenge")
         sessions.lpush("pending-makechallenge", self.id)
         sessions.publish("requests", "makechallenge")
diff --git a/server-ca/daemon.py b/server-ca/daemon.py
index 6a25d2a1e..c8e1836f8 100644
--- a/server-ca/daemon.py
+++ b/server-ca/daemon.py
@@ -125,7 +125,11 @@ def makechallenge(session):
     #
     # Make one challenge for each name.  (This one-to-one relationship
     # is not an inherent protocol requirement!)
-    for i, name in enumerate(r.lrange("%s:names" % session, 0, -1)):
+    names = r.lrange("%s:names" % session, 0, -1)
+    if debug: print "%s: new session (request complies with policy)" % session
+    if debug: print "%s: from requesting client at %s" % r.hget(session, "client-addr")
+    if debug: print "%s: for %d names: %s" % (session, len(names), ",".join(names))
+    for i, name in enumerate(names):
         challenge = "%s:%d" % (session, i)
         r.hset(challenge, "challtime", int(time.time()))
         r.hset(challenge, "type", 0)   # DomainValidateSNI