diff --git a/acme/challenge.go b/acme/challenge.go
index 52a64c73..0c8e391e 100644
--- a/acme/challenge.go
+++ b/acme/challenge.go
@@ -605,11 +605,13 @@ func wireDPOP01Validate(ctx context.Context, ch *Challenge, db DB, jwk *jose.JSO
 		return WrapErrorISE(err, "Could not find current order by account id")
 	}
 
-	if len(orders) != 1 {
-		return WrapErrorISE(err, "There are too many orders for this account for this custom DPoP challenge")
+	if len(orders) == 0 {
+		return WrapErrorISE(err, "There are not enough orders for this account for this custom OIDC challenge")
 	}
 
-	if err := db.CreateDpopToken(ctx, orders[0], dpop); err != nil {
+	order := orders[len(orders)-1]
+
+	if err := db.CreateDpopToken(ctx, order, dpop); err != nil {
 		return WrapErrorISE(err, "Failed storing DPoP token")
 	}