diff --git a/cloudbuild/vendors/topology.textproto b/cloudbuild/vendors/topology.textproto
index f2b29c6c..c043623d 100644
--- a/cloudbuild/vendors/topology.textproto
+++ b/cloudbuild/vendors/topology.textproto
@@ -12,6 +12,12 @@ nodes: {
 name: "ncptx"
 vendor: JUNIPER
 model: "ncptx"
+ # Disables the legacy gRPC server config that configures hot reloading
+ # and PKI support. These are now configured by default in D47 and onwards.
+ labels: {
+ key: "legacy_grpc_server_config"
+ value: "disabled"
+ }
 config: {
 image: "us-west1-docker.pkg.dev/gep-kne/juniper/ncptx:ga"
 file: "juniper.cfg"
diff --git a/topo/node/juniper/juniper.go b/topo/node/juniper/juniper.go
index af5e55c7..436b9e36 100644
--- a/topo/node/juniper/juniper.go
+++ b/topo/node/juniper/juniper.go
@@ -195,28 +195,31 @@ func (n *Node) GRPCConfig() []string {
 }
 }
 log.Infof("gNMI Port %d", port)
- portConfig := fmt.Sprintf("set openconfig-system:system openconfig-system-grpc:grpc-servers grpc-server grpc-server config port %d", port)
- conf := []string{
- "set openconfig-system:system openconfig-system-grpc:grpc-servers grpc-server grpc-server config services GNMI",
- "set openconfig-system:system openconfig-system-grpc:grpc-servers grpc-server grpc-server config enable true",
- portConfig,
- "set openconfig-system:system openconfig-system-grpc:grpc-servers grpc-server grpc-server config transport-security true",
- "set openconfig-system:system openconfig-system-grpc:grpc-servers grpc-server grpc-server config certificate-id grpc-server-cert",
- "set openconfig-system:system openconfig-system-grpc:grpc-servers grpc-server grpc-server config listen-addresses 0.0.0.0",
- "commit",
- }
 // In newer Juniper releases such as D47, hot reloading and PKI support is enabled by default. On these systems, the legacy
 // syntax below is mutually exclusive with the new gRPC service config. Attempting to configure both will cause the config
 // commit to fail. Therefore, if configuring gRPC services via CLI on a release from D47 onwards, a KNE Node label of
 // `legacy_grpc_server_config`` should be set to `disabled.`
 if n.GetProto().GetLabels()["legacy_grpc_server_config"] != "disabled" {
- legacyConf := []string{
+ return []string{
 "set system services extension-service request-response grpc ssl hot-reloading",
 "set system services extension-service request-response grpc ssl use-pki",
+ "set openconfig-system:system openconfig-system-grpc:grpc-servers grpc-server grpc-server config services GNMI",
+ "set openconfig-system:system openconfig-system-grpc:grpc-servers grpc-server grpc-server config enable true",
+ fmt.Sprintf("set openconfig-system:system openconfig-system-grpc:grpc-servers grpc-server grpc-server config port %d", port),
+ "set openconfig-system:system openconfig-system-grpc:grpc-servers grpc-server grpc-server config transport-security true",
+ "set openconfig-system:system openconfig-system-grpc:grpc-servers grpc-server grpc-server config certificate-id grpc-server-cert",
+ "set openconfig-system:system openconfig-system-grpc:grpc-servers grpc-server grpc-server config listen-addresses 0.0.0.0",
+ "commit",
 }
- conf = append(legacyConf, conf...)
 }
- return conf
+ return []string{
+ "set system services http servers server grpc-server",
+ fmt.Sprintf("set system services http servers server grpc-server port %d", port),
+ "set system services http servers server grpc-server grpc gnmi",
+ "set system services http servers server grpc-server tls local-certificate grpc-server-cert",
+ "set system services http servers server grpc-server listen-address 0.0.0.0",
+ "commit",
+ }
 }
 // Waits and retries until CLI config mode is up and config is applied
diff --git a/topo/node/juniper/juniper_test.go b/topo/node/juniper/juniper_test.go
index a7039b71..ffaab602 100644
--- a/topo/node/juniper/juniper_test.go
+++ b/topo/node/juniper/juniper_test.go
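Review bot: The check `n.GetProto().GetLabels()["legacy_grpc_server_config"] != "disabled"` now chooses between two command sets that share only `commit`, so any label value other than the exact string `disabled` (a typo, a different case) silently emits the legacy syntax, which the comment above says fails to commit on D47 onwards. Logging the branch taken would make a wrong selection visible, for example `log.Infof("legacy_grpc_server_config=%q, using legacy gRPC server syntax", n.GetProto().GetLabels()["legacy_grpc_server_config"])` as the first line inside the `if`. The final `return []string{` carries no comment; I would add `// D47 and onwards: the gRPC server is configured under "system services http servers".` above it. The new branch has no counterpart to `transport-security true` and appears to rely on the `tls local-certificate grpc-server-cert` line alone for TLS while still listening on `0.0.0.0`, so a one-line comment stating that this line is what enables TLS would keep it from being dropped in a later edit. GRPCConfig begins above the hunk, so how `port` is derived is not visible here.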
@@ -286,12 +286,11 @@ func TestGRPCConfig(t *testing.T) {
 },
 },
 want: []string{
- "set openconfig-system:system openconfig-system-grpc:grpc-servers grpc-server grpc-server config services GNMI",
- "set openconfig-system:system openconfig-system-grpc:grpc-servers grpc-server grpc-server config enable true",
- "set openconfig-system:system openconfig-system-grpc:grpc-servers grpc-server grpc-server config port 32767",
- "set openconfig-system:system openconfig-system-grpc:grpc-servers grpc-server grpc-server config transport-security true",
- "set openconfig-system:system openconfig-system-grpc:grpc-servers grpc-server grpc-server config certificate-id grpc-server-cert",
- "set openconfig-system:system openconfig-system-grpc:grpc-servers grpc-server grpc-server config listen-addresses 0.0.0.0",
+ "set system services http servers server grpc-server",
+ "set system services http servers server grpc-server port 32767",
+ "set system services http servers server grpc-server grpc gnmi",
+ "set system services http servers server grpc-server tls local-certificate grpc-server-cert",
+ "set system services http servers server grpc-server listen-address 0.0.0.0",
 "commit",
 },
 },