diff --git a/acme/challenge.go b/acme/challenge.go
index 986b94c4..1d1cf50b 100644
--- a/acme/challenge.go
+++ b/acme/challenge.go
@@ -406,9 +406,6 @@ func (tc *tlsALPN01Challenge) validate(db nosql.DB, jwk *jose.JSONWebKey, vo val
 	certs := cs.PeerCertificates
 
 	if len(certs) == 0 {
-		// note: it does not seem to be possible to trigger this path, as the Go TLS client will return a dial error
-		// when no certificate is served
-
 		if err = tc.storeError(db,
 			RejectedIdentifierErr(errors.Errorf("%s challenge for %s resulted in no certificates",
 				tc.Type, tc.Value))); err != nil {
diff --git a/acme/challenge_test.go b/acme/challenge_test.go
index 4d97d79d..d079bf8f 100644
--- a/acme/challenge_test.go
+++ b/acme/challenge_test.go
@@ -1509,7 +1509,7 @@ func TestTLSALPN01Validate(t *testing.T) {
 				res: ch,
 			}
 		},
-		"ok/with-new-oid": func(t *testing.T) test {
+		"ok": func(t *testing.T) test {
 			ch, err := newTLSALPNCh()
 			assert.FatalError(t, err)
 			_ch, ok := ch.(*tlsALPN01Challenge)