HA App working on one device but not another

Hi folks, I’m just trying to find the cause of my current problem, I hope someone can help as I can’t find a similar topic. As an outline:
HA running on HAOS in a VM on Proxmox.
DuckDNS and LetsEncrypt giving me a cert for SSL, which works fine externally or internally on a laptop/web connection.
On my android phone, the HA companion app connecting to domain.duckdns.org works fine, both from the internal network and externally.
On my old android tablet via wifi (latest HA App though) I can’t get it to work. When I first install it and progress through adding the server, it shows the duckdns.org server correctly (https://domain.duckdns.org), so I select it and it sits on a blank page with the HA logo at the top. This is literally identical to my phone config. No error, no timeout, just blank. If I put in the local address, either as http://IP:8123 or http://homeassistant.local:8123 it also sits at the blank screen. If I visit homeassistant.local:8123 from the browser on the tablet I get “no response” error and if I use IP:8123, I can access it but obviously with the SSL error due to it not matching the domain but to the login shows up as normal. If I visit the external domain via browser, it works fine with SSL functioning.

I can’t force devices to route externally, and I’m thinking the tablet might be being directed to the internal page rather than via the external domain.

What am I doing wrong?

I think, I had something similar a while ago, and IIRC it had something to do with authentication. I can’t remember what exactly it was, but something wasn’t working with “local network” as authentication method in combination with an external domain.

Sorry, can’t remember more, but might be worth a try to look at your authentication.

Depending on the age of the tablet it could be the Root certificate is out of date for your external domain. If that’s the case, you’ll have to figure out how to update the root certificate or install your domain certificate manually.

That’s one obvious problem with operating systems that are no longer supported, if your vendor isn’t regularly updating the root certificate store you will eventually have problems in the modern Internet where everything is encrypted.

I’m still having a right faff with it, the OS is Android 7.1 which is still apparently supported. External cert and root cert is active and up to date. Letsencrypt through the duckdns add-on is supposed to cover two domains, but when I visit one of those domains the cert shows from the other and shows an insecure. I have something whacky going on, I’ll try to re-install my certs and get back to you guys, thanks for the thoughts.