From 8bcc3af04d3bdf0508765e8fc1b8244facd3cf7c Mon Sep 17 00:00:00 2001
From: Matthew Holt <mholt@users.noreply.github.com>
Date: Mon, 12 Nov 2018 12:51:17 -0700
Subject: [PATCH] Restore test to match

---
 caddytls/certificates_test.go | 12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/caddytls/certificates_test.go b/caddytls/certificates_test.go
index 5f8b17e1801..1a5332ca007 100644
--- a/caddytls/certificates_test.go
+++ b/caddytls/certificates_test.go
@@ -43,15 +43,9 @@ func TestUnexportedGetCertificate(t *testing.T) {
 		t.Errorf("Didn't get wildcard cert for 'sub.example.com' or got the wrong one: %v, matched=%v, defaulted=%v", cert, matched, defaulted)
 	}
 
-	// TODO: Re-implement this behavior when I'm not in the middle of upgrading for ACMEv2 support. :) (it was reverted in #2037)
-	// // When no certificate matches and SNI is provided, return no certificate (should be TLS alert)
-	// if cert, matched, defaulted := cfg.getCertificate("nomatch"); matched || defaulted {
-	// 	t.Errorf("Expected matched=false, defaulted=false; but got matched=%v, defaulted=%v (cert: %v)", matched, defaulted, cert)
-	// }
-
-	// When no certificate matches and SNI is NOT provided, a random is returned
-	if cert, matched, defaulted := cfg.getCertificate(""); matched || !defaulted {
-		t.Errorf("Expected matched=false, defaulted=true; but got matched=%v, defaulted=%v (cert: %v)", matched, defaulted, cert)
+	// When no certificate matches and SNI is provided, return no certificate (should be TLS alert)
+	if cert, matched, defaulted := cfg.getCertificate("nomatch"); matched || defaulted {
+		t.Errorf("Expected matched=false, defaulted=false; but got matched=%v, defaulted=%v (cert: %v)", matched, defaulted, cert)
 	}
 }