It is observed that server.conf is automatically updating with invalid certificate under etc/system/local even after the I changed it manually and tried disabling the deployment server from client.
Changes observed in the splunk directories:
1) Invalid certificate is creating on its own under etc/auth
2) server.conf is getting updated with invalif certificate
Splunk version which is being used: 6.4.2
↧
