The 9.6 update to Sophos UTM added support for using Let’s Encrypt certificates to secure access to websites behind the built in reverse-proxy feature. They can be used for the management interface and the user portal too. I no longer have to hack around on the machine to automate certificates. Finally!
Also of note… I learned I can change the value of the server property of
the dyndns entry in /var/confd/res/dyndns/features.ph from the default value of members.dyndns.org to domains.google.com and use the built-in DynDNS
features to update dynamic DNS entries in my domain hosted at Google Domains.
With these two additions, I don’t need to make any hacks (except to the
features.ph file) on the machine.