From b143bbdbaa073e5b229ae05d16cae18f6a359519 Mon Sep 17 00:00:00 2001
From: Matthew Holt <Matthew.Holt+git@gmail.com>
Date: Mon, 2 Nov 2015 14:09:35 -0700
Subject: [PATCH] letsencrypt: Better logic for handling issuance failures

This fixes a bug with the -agree flag
---
 caddy/letsencrypt/letsencrypt.go | 13 +++++++------
 1 file changed, 7 insertions(+), 6 deletions(-)

diff --git a/caddy/letsencrypt/letsencrypt.go b/caddy/letsencrypt/letsencrypt.go
index fa19a81f..7848e627 100644
--- a/caddy/letsencrypt/letsencrypt.go
+++ b/caddy/letsencrypt/letsencrypt.go
@@ -89,15 +89,16 @@ func Activate(configs []server.Config) ([]server.Config, error) {
 			// Build an error string to return, using all the failures in the list.
 			var errMsg string
 
-			// An agreement error means we need to prompt the user (once) with updated terms
-			// while they're still here.
-			var promptedUpdatedTerms bool
+			// If an error is because of updated SA, only prompt user for agreement once
+			var promptedForAgreement bool
 
 			for domain, obtainErr := range failures {
 				// If the failure was simply because the terms have changed, re-prompt and re-try
-				if tosErr, ok := obtainErr.(acme.TOSError); ok && !promptedUpdatedTerms {
-					Agreed = promptUserAgreement(tosErr.Detail, true) // TODO: Use latest URL
-					promptedUpdatedTerms = true
+				if tosErr, ok := obtainErr.(acme.TOSError); ok {
+					if !Agreed && !promptedForAgreement {
+						Agreed = promptUserAgreement(tosErr.Detail, true) // TODO: Use latest URL
+						promptedForAgreement = true
+					}
 					if Agreed {
 						err := client.AgreeToTOS()
 						if err != nil {