How to forward all indexed data from all indexes from heavy forwarder to another instance over ssl?

I am using Splunk Free, and the Splunk add-on for AWS, attempting to index and forward generic s3 data with a custom index name to a Splunk Enterprise instance. It looks like data is being indexed, and the ssl connection is connecting, but not forwarding data. I have indexed data that shows in the web client. I am getting the following repeated output in splunkd.log 05-21-2020 10:23:16.119 -0400 INFO TcpOutputProc - Found currently active indexer. Connected to idx=ip:9998, reuse=1. 05-21-2020 10:23:25.150 -0400 INFO LMStackMgr - license_warnings_update_interval=auto has reached the minimum threshold 10. Will not reduce license_warnings_update_interval beyond this value In outputs.conf to account for sending all indexes I used 'forwardedindex.0.whitelist = .*' inputs.conf [default] host = hostname disabled=0 outputs.conf [tcpout] defaultGroup = default-autolb-group indexAndForward = true disabled = false forwardedindex.0.whitelist = .* [tcpout:default-autolb-group] compressed = true server = ip:9998 clientCert = /opt/splunk/etc/auth/server.pem sslPassword = passwordHere sslRootCAPath = /opt/splunk/etc/auth/ca.pem sslVerifyServerCert = false sendCookedData = true What is the required change in my forwarder configuration?