I can’t read that error unfortunately so im not sure exactly what it says. But based on the config youre showing me you are definitely going to run into certificate issues on the internal url so I’m going to guess that error is telling you something like “this connection can’t be trusted” and asking if you want to proceed anyway.
The reason is ssl certificates are only valid for a specific domain. When you went through the letsencrypt process you got an ssl certificate for your external duckdns domain (https://example.duckdns.org in your example above). Youre trying to present that same certificate to people connecting to HA on https://homeassistant:8123. But that certificate isn’t for that domain so all clients (like your browser or the mobile app) are going to object and say this website is insecure and can’t be trusted since it’s presenting someone else’s ssl certificate.
This is the downside with the port forwarding approach, where you forward an external port directly to port 8123 on your machine running HA. It works but kind of makes your HA inaccessible via local url. Or somewhat accessible if you’re able to tell all clients connecting that way to ignore the certificate error.
I’d recommend looking at the nginx proxy manager add-on. It’s easy to set up and allows you to require https access on your external url but allow http access to your internal url when within your network. This way both urls work fine without certificate issues