From cc19ab810c4de5ba837e4d035103a0c6ae33340a Mon Sep 17 00:00:00 2001
From: Ludovic Fernandez <ldez@users.noreply.github.com>
Date: Wed, 17 Apr 2019 20:47:59 +0200
Subject: [PATCH] fix: Disable authz when solve fail. (#851)

---
 certificate/certificates.go | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/certificate/certificates.go b/certificate/certificates.go
index f578b588..b0327d5c 100644
--- a/certificate/certificates.go
+++ b/certificate/certificates.go
@@ -114,6 +114,7 @@ func (c *Certifier) Obtain(request ObtainRequest) (*Resource, error) {
 	err = c.resolver.Solve(authz)
 	if err != nil {
 		// If any challenge fails, return. Do not generate partial SAN certificates.
+		c.deactivateAuthorizations(order)
 		return nil, err
 	}
 
@@ -170,6 +171,7 @@ func (c *Certifier) ObtainForCSR(csr x509.CertificateRequest, bundle bool) (*Res
 	err = c.resolver.Solve(authz)
 	if err != nil {
 		// If any challenge fails, return. Do not generate partial SAN certificates.
+		c.deactivateAuthorizations(order)
 		return nil, err
 	}