This is an interesting request and requirement.
I realize that you probably can’t just push back on the requirement, but I would say the following, which you may already know:
BigFix has additional security features to make it resistant to man in the middle attacks or attacks that modify the encrypted stream.
Also, I think if your endpoints are sending encrypted reports, that encryption is in addition to any SSL/TLS encryption that may be in place.
If it was possible to change this, it would likely have to be a client setting or something similar.
CC: @AlanM @gearoid