diff --git a/api/client.go b/api/client.go
index a3e40b0d5b5808af721038b59a8b0c1af9ffa1e3..e6e46ca13160a5cfc9f2160fcbdc74ac765ccbbc 100644
--- a/api/client.go
+++ b/api/client.go
@@ -47,6 +47,7 @@ type Client struct {
 	comm     io.Communications
 	ndf      *ndf.NetworkDefinition
 	topology *circuit.Circuit
+	tls      bool
 }
 
 var PermissioningAddrID = "registration"
@@ -146,9 +147,17 @@ func NewClient(s globals.Storage, loc string, ndfJSON *ndf.NetworkDefinition) (*
 
 	cl.topology = circuit.New(nodeIDs)
 
+	cl.tls = true
+
 	return cl, nil
 }
 
+// DisableTLS makes the client run with TLS disabled
+// Must be called before Connect
+func (cl *Client) DisableTLS() {
+	cl.tls = false
+}
+
 // Connects to gateways and registration server (if needed)
 // using TLS filepaths to create credential information
 // for connection establishment
@@ -161,7 +170,7 @@ func (cl *Client) Connect() error {
 	// connect to all gateways
 	for i, gateway := range cl.ndf.Gateways {
 		var gwCreds []byte
-		if gateway.TlsCertificate != "" {
+		if gateway.TlsCertificate != "" && cl.tls {
 			gwCreds = []byte(gateway.TlsCertificate)
 		}
 
@@ -181,7 +190,7 @@ func (cl *Client) Connect() error {
 	//connect to the registration server
 	if cl.ndf.Registration.Address != "" {
 		var regCert []byte
-		if cl.ndf.Registration.TlsCertificate != "" {
+		if cl.ndf.Registration.TlsCertificate != "" && cl.tls {
 			regCert = []byte(cl.ndf.Registration.TlsCertificate)
 		}
 		addr := io.ConnAddr(PermissioningAddrID)
diff --git a/bindings/client.go b/bindings/client.go
index 23feeafe54c47c19f66406ecd0fa2a8bb9194452..8ed69931771d40959a1842e02c696801fd257d6e 100644
--- a/bindings/client.go
+++ b/bindings/client.go
@@ -97,6 +97,7 @@ func FormatTextMessage(message string) []byte {
 // this would be the filename of the file that you're storing the user
 // session in.
 func NewClient(storage Storage, loc string, ndfStr, ndfPubKey string) (*Client, error) {
+	globals.Log.INFO.Printf("Binding call: NewClient()")
 	if storage == nil {
 		return nil, errors.New("could not init client: Storage was nil")
 	}
@@ -109,10 +110,18 @@ func NewClient(storage Storage, loc string, ndfStr, ndfPubKey string) (*Client,
 	return &Client{client: cl}, err
 }
 
+// DisableTLS makes the client run with TLS disabled
+// Must be called before Connect
+func (cl *Client) DisableTLS() {
+	globals.Log.INFO.Printf("Binding call: DisableTLS()")
+	cl.DisableTLS()
+}
+
 // Connects to gateways and registration server (if needed)
 // using TLS filepaths to create credential information
 // for connection establishment
 func (cl *Client) Connect() error {
+	globals.Log.INFO.Printf("Binding call: Connect()")
 	return cl.client.Connect()
 }
 
@@ -124,6 +133,9 @@ func (cl *Client) Connect() error {
 // gwAddressesList is CSV of gateway addresses
 // grp is the CMIX group needed for keys generation in JSON string format
 func (cl *Client) Register(preCan bool, registrationCode, nick, email, password string) ([]byte, error) {
+	globals.Log.INFO.Printf("Binding call: Register()\n"+
+		"   preCan: %v\n   registrationCode: %s\n   nick: %s\n   email: %s\n"+
+		"   Password: ********", preCan, registrationCode, nick, email)
 	fmt.Println("calling client reg")
 	UID, err := cl.client.Register(preCan, registrationCode, nick, email)
 
@@ -138,6 +150,8 @@ func (cl *Client) Register(preCan bool, registrationCode, nick, email, password
 // Returns an empty string and an error
 // UID is a uint64 BigEndian serialized into a byte slice
 func (cl *Client) Login(UID []byte, password string) (string, error) {
+	globals.Log.INFO.Printf("Binding call: Login()\n"+
+		"   UID: %v\n   Password: ********", UID)
 	userID := id.NewUserFromBytes(UID)
 	return cl.client.Login(userID)
 }
@@ -145,6 +159,7 @@ func (cl *Client) Login(UID []byte, password string) (string, error) {
 // Starts the polling of the external servers.
 // Must be done after listeners are set up.
 func (cl *Client) StartMessageReceiver() error {
+	globals.Log.INFO.Printf("Binding call: StartMessageReceiver()")
 	return cl.client.StartMessageReceiver()
 }
 
diff --git a/cmd/root.go b/cmd/root.go
index 2b0caf60f1fdd4cd27a39b060db2c9c54b1f3f37..ca88112c1d5ace3163daf044fdae94c255078906 100644
--- a/cmd/root.go
+++ b/cmd/root.go
@@ -22,7 +22,6 @@ import (
 	"gitlab.com/elixxir/client/user"
 	"gitlab.com/elixxir/crypto/large"
 	"gitlab.com/elixxir/primitives/id"
-	"gitlab.com/elixxir/primitives/ndf"
 	"gitlab.com/elixxir/primitives/switchboard"
 	"io/ioutil"
 	"log"
@@ -50,8 +49,6 @@ var end2end bool
 var keyParams []string
 var ndfPath string
 var skipNDFVerification bool
-var ndfRegistration []string
-var ndfUDB []string
 var ndfPubKey string
 var noTLS bool
 
@@ -91,7 +88,6 @@ func sessionInitialization() (*id.User, string, *api.Client) {
 	globals.Log.DEBUG.Printf("NDF Verified: %v", ndfJSON)
 
 	// Overwrite the network definition with any specified flags
-	overwriteNDF(ndfJSON)
 	globals.Log.DEBUG.Printf("Overwrote NDF Vars: %v", ndfJSON)
 
 	//If no session file is passed initialize with RAM Storage
@@ -147,6 +143,10 @@ func sessionInitialization() (*id.User, string, *api.Client) {
 		return id.ZeroID, "", nil
 	}
 
+	if noTLS {
+		client.DisableTLS()
+	}
+
 	// Connect to gateways and reg server
 	err = client.Connect()
 	if err != nil {
@@ -551,16 +551,6 @@ func init() {
 		false,
 		"Specifies if the NDF should be loaded without the signature")
 
-	rootCmd.PersistentFlags().StringSliceVar(&ndfRegistration,
-		"ndfRegistration",
-		nil,
-		"Overwrite the Registration values for the NDF")
-
-	rootCmd.PersistentFlags().StringSliceVar(&ndfUDB,
-		"ndfUDB",
-		nil,
-		"Overwrite the UDB values for the NDF")
-
 	// Cobra also supports local flags, which will only run
 	// when this action is called directly.
 	rootCmd.Flags().StringVarP(&message, "message", "m", "", "Message to send")
@@ -611,37 +601,3 @@ func initLog() {
 		}
 	}
 }
-
-// overwriteNDF replaces fields in the NetworkDefinition structure with values
-// specified from the commandline.
-func overwriteNDF(n *ndf.NetworkDefinition) {
-	if len(ndfRegistration) == 3 {
-		n.Registration.Address = ndfRegistration[1]
-		n.Registration.TlsCertificate = ndfRegistration[2]
-
-		globals.Log.WARN.Println("Overwrote Registration values in the " +
-			"NetworkDefinition from the commandline")
-	}
-
-	if len(ndfUDB) == 2 {
-		udbIdString, err := base64.StdEncoding.DecodeString(ndfUDB[0])
-		if err != nil {
-			globals.Log.WARN.Printf("Could not decode USB ID: %v", err)
-		}
-
-		n.UDB.ID = udbIdString
-
-		globals.Log.WARN.Println("Overwrote UDB values in the " +
-			"NetworkDefinition from the commandline")
-	}
-
-	if noTLS {
-		for i := 0; i < len(n.Nodes); i++ {
-			n.Nodes[i].TlsCertificate = ""
-		}
-		n.Registration.TlsCertificate = ""
-		for i := 0; i < len(n.Gateways); i++ {
-			n.Gateways[i].TlsCertificate = ""
-		}
-	}
-}