According to the Splunk documentation on the attribute [splunktcp-ssl:<port>] it states that:
* Use this stanza type if you are receiving encrypted, parsed data from a forwarder."
UFs cook, but do not 'parse' the data. Thus, is this effective to send encrypted data from the UF to indexers?
I think this may be a place where the documentation needs improvement. Splunk Cloud uses SSL exclusively with UFs so you should be able to, also.
Please submit feedback using the form at the bottom of the documentation page you are looking at. That creates a ticket for the doc team and we will follow up, thank you!