I am not able to configure heavy forwarder inputs.conf file to receive encrypted traffic.

1) config inputs.conf on heavy forwarder is given below. but netstat -an does not show heavy forwarder is listening on port 9998

[splunktcp-ssl:9998]
compressed = true

[SSL]
password = $1$YJqLPm4skNlFOQ==
rootCA = /opt/splunk/etc/certs/ca.pem
serverCert = /opt/splunk/etc/certs/splunk-dev.pem

2) On universal forwarder I am using app with outputs.conf

[tcpout]
defaultGroup = splunkssl
sendCookedData = true
dnsResolutionInterval = 300

[tcpout:splunkssl]
compressed = true
server = heavy forwarder name :9998
sslCertPath = C:\Program Files\SplunkUniversalForwarder\etc\apps\FW_DEV_NA_Encrypt\default\certs\splunk-dev.pem
sslPassword = testmy123
sslRootCAPath = C:\Program Files\SplunkUniversalForwarder\etc\apps\FW_DEV_NA_Encrypt\default\certs\ca.pem
sslVerifyServerCert = false