We have requirements due to PCI compliance where client syslog data needs to be encrypted in transit. Thus there is a need to add to the CLI syntax handlers, managing the additional configuration to rsyslogd for the 'host' node. Additionally the need to handle the addition of the certificate, presumably in 'pki => certificate'.
For reference: https://www.rsyslog.com/doc/v8-stable/tutorials/tls.html