diff --git a/examples/insecure_server.toml b/examples/insecure_server.toml
index 2a69a7cec..2ca1c0392 100644
--- a/examples/insecure_server.toml
+++ b/examples/insecure_server.toml
@@ -1,4 +1,4 @@
-bindaddress = "127.0.0.1:8443"
+bindaddress = "[::]:8443"
 ldapbindaddress = "127.0.0.1:3636"
 
 db_fs_type = "zfs"
diff --git a/server/daemon/src/main.rs b/server/daemon/src/main.rs
index 3275b0d3f..237cd3a23 100644
--- a/server/daemon/src/main.rs
+++ b/server/daemon/src/main.rs
@@ -1044,10 +1044,16 @@ async fn kanidm_main(
 
             let healthcheck_url = match &sopt.check_origin {
                 true => format!("{}/status", config.origin),
-                false => format!("https://{}/status", config.address),
+                false => {
+                    // the replace covers when you specify an ipv6-capable "all" address
+                    format!(
+                        "https://{}/status",
+                        config.address.replace("[::]", "localhost")
+                    )
+                }
             };
 
-            debug!("Checking {healthcheck_url}");
+            info!("Checking {healthcheck_url}");
 
             let mut client = reqwest::ClientBuilder::new()
                 .danger_accept_invalid_certs(!sopt.verify_tls)