Hello Florian,
If you installed bacula from source, you can rebuild using --with-openssl in your configure options. All your configuration files will be kept. Otherwise, I'm quite sure that the packages are all built with SSL enabled.
In addition, you have some debug messages that will provide you information about SSL connections between the daemons (I think that running your bacula-dir with a -d 200 level is sufficient). They are messages with a "ssl=value", where value will be:
0 = TLS is not being used (is not enabled, could not be established, etc.)
1 = TLS is enabled but not required on the end point
2 = TLS is enabled and required
Error messages will be reported in debug mode if you configure TLS as enabled/required and the connection cannot be established for some reason.
Best regards,
Ana