emqx/changes/ce/fix-10952.en.md

Disallow enabling fail_if_no_peer_cert in listener SSL options if verify_none is set.

Setting fail_if_no_peer_cert = true and verify = verify_none caused connection errors due to incompatible options. This fix validates the options when creating or updating a listener to avoid these errors.

Note: any old listener configuration with fail_if_no_peer_cert = true and verify = verify_none that was previously allowed will fail to load after applying this fix and must be manually fixed.