SSL is usually avoided between agents and collectors due to its impact on performance (especially startup times). Many thousands of requests are sent between agents and collectors during the instrumentation process and anything that increases the time of these requests can greatly increase startup time or even cause instrumentation to fail. I expect in even moderately busy environments that the time to encrypt and decrypt data could potentially cause agents to not be able to send their data fast enough, leading to buffer overflows and loss of data.
It's strongly recommended that collectors are "close" to agents, with no firewalls or routers in between for this very reason - latency can severely impact startup times and performance.
When I asked this question myself some time ago, the response was that there were no plans to implement SSL between agents and collectors, though that may have changed. At that time, it was suggested that IPSec or similar could fulfil the requirement for SSL if it was truly necessary, but it was neither recommended nor supported.
Finally, I cannot see any mention of this in the 6.3 release notes, so I do not expect that support for SSL between agents and collectors will be in this release.
we're already working on some major architectural changes that will also allow encrypted agent-collector communication in the future. however, there won't be any changes in 6.3.
in the meantime you'd have to create an SSL tunnel yourself to encrypt the agent-collector communication.