That kind of thing has cost millions in ransom, there is just no excuse, there is tons of VPN types(no not the type you pay for) to connect securely to your home. Or you can even use QNAP CloudLink feature (uses relay servers)
Just check the deadbolt topic [RANSOMWARE] >>READ 1st Post<< Deadbolt - QNAP NAS Community Forum
SSL certs do not protect your NAS, they authenticate traffic (above mentioned topic has people hacked, that used strong password,2FA,SSL,etc, and it did nothing, do not be part of the next wave !)