From c849ca1b90d59f94df4ab4ad5984097bf26198a6 Mon Sep 17 00:00:00 2001
From: xenolf <xenolf@users.noreply.github.com>
Date: Tue, 17 Nov 2015 19:45:15 +0100
Subject: [PATCH] If any challenge fails - return an error

---
 acme/client.go | 15 ++-------------
 1 file changed, 2 insertions(+), 13 deletions(-)

diff --git a/acme/client.go b/acme/client.go
index 5c7207da..afa7f667 100644
--- a/acme/client.go
+++ b/acme/client.go
@@ -239,22 +239,11 @@ func (c *Client) ObtainSANCertificate(domains []string, bundle bool) (Certificat
 	}
 
 	errs := c.solveChallenges(challenges)
-	for k, v := range errs {
-		failures[k] = v
-	}
-
-	if len(failures) == len(domains) {
+	// If any challenge fails - return. Do not generate partial SAN certificates.
+	if len(errs) > 0 {
 		return CertificateResource{}, failures
 	}
 
-	// remove failed challenges from slice
-	var succeededChallenges []authorizationResource
-	for _, chln := range challenges {
-		if failures[chln.Domain] == nil {
-			succeededChallenges = append(succeededChallenges, chln)
-		}
-	}
-
 	logf("[INFO] acme: Validations succeeded; requesting certificates")
 
 	cert, err := c.requestCertificate(succeededChallenges, bundle)