Hi @Gayatri I want you to check two things. * Requesting you to validate if there are any other copy of the old expired CAcert is present in the same server, that maybe also one of a reason to have a hit even after replacing the expired cert * Also, try deleting the server.pem (backup under different server for safety) and restart the Splunk service, which will generate new certificate. Post the above action request for vulnerability re-scan that should help fixing the issue.
... View more