Release : 9.2.0
Component : UIM - HUB
If you need to enable TLS for the tunnel configuration you can use the following which should also pass PCI as it is TLS1.2.
This works for hub version 7.93 or higher.
At that point if you examine the hub.log on first start, and when the tunnels are initialized, you will see something to the effect of starting Tunnels with TLS Enabled.