-
Title
Command “reset param SP_SYS_NETWORK_SECURITY” results in “Cannot modify SP_SYS_NETWORK_SECURITY directly; run sp_security to change security mode” -
Description
The following notice/warning shows up when trying to reset the value of the parameter SP_SYS_NETWORK_SECURITY back to its default:
sp_ctrl (alvsupl14:9242)> reset param SP_SYS_NETWORK_SECURITY
Cannot modify SP_SYS_NETWORK_SECURITY directly; run sp_security to change security mode
-
Cause
General information. -
Resolution
The resetting of the parameter SP_SYS_NETWORK_SECURITY back to its default value is not allowed via sp_ctrl prompt, but rather, one can change the SSL Security mode by running sp_security utility. This is one of those few parameters that have such restrictions of not allowing the parameter to be changed to the default or any other value via sp_ctrl.
There are reasons for such restrictions. You may not want users to inadvertently undo the SSL security on the fly on a node without planning ahead of time. The fact that SSL security is enabled on this node also implies that it is enabled on the corresponding node(s) which may be source, target, intermediate or the like. So if you want to disable the SSL security feature, you should do it on all nodes in question. A foolproof way to achieve this would be to put more effort into the process and let the user run sp_security on this node followed by running it on the corresponding node(s) when enabling/disabling SSL security.
For details on running sp_security, please refer to SharePlex Administrator Guide.