A user of ours tried to log in with an email that does not exist in our auth0 database and received the error:
"Hostname/IP does not match certificate's altnames: Host: plattform.ava.services. is not in the cert's altnames: DNS:*.xnxx.com, DNS:xnxx.com"
The type I see in the details of the logs (see screenshot) makes me think this should be a case of “Wrong username/password”. If I enter an email address that does exist in our auth0 dashboard (like my own) and try it with a wrong password then I get that error message. But an email that we do not have saved always throws the error above. This seems nonsensical to me since the point of generic error messages should be to not give away information as to which emails are already registered with us and which aren’t.
We use the universal login if that matters (I know in classic login you can customise error messages which won’t be possible for us as far as I know)