This depends on the app. Individual apps could have own SSL ports 
Question is if OP configured HTTPS on HA?? Or if he is just trying to connect assuming it would work ootb. I guess it will be needed to setup revers proxy for HA
For Nextcloud, if I understood you don’t use self signed certificate? It’s the one issued by Let’s Encrypt? And you are using the same hostname/ DDNS to connect as you specified within dietpi-letsencrypt?
Some years ago I created a very basic how-to How can I secure connection to nextcloud? - #4 by Joulinar