Port forwarding (or rather "clone") a port to an another port for an application?

Solution 1:

I want to access to the app from the internet, through an HTTPS connection.

This is typically done with a reverse proxy. The principle is that the reverse proxy gets HTTPS requests and is configured to pass those requests on to e.g. Plex on port 32400. So the flow is essentially:

Internet --> Router (443) --> Reverse Proxy (443 -> 32400) --> Plex

Regarding the program you mention in your original question, I am not familiar with that tool, so I can't really comment on how you might go about setting it up. But as an FYI, web servers (e.g. Apache and Nginx) support Let's Encrypt certificates and can have the ability to act as reverse proxies as well (and from personal experience, it's relatively simple to set up Plex behind one of these).

For URL access, your domain would point at your router and the router would port forward requests to the reverse proxy.

Solution 2:

I tried socat socat TCP-LISTEN:32400,fork TCP:127.0.0.1:443 but I get E bind(5, {AF=2 0.0.0.0:32400}, 16): Address already in use error.

You told it to listen on port 32400 and connect to port 443. That's kind of backwards, according to your question – the app you have is already listening on port 32400, you want the relay tool to listen on 443 and connect to localhost:32400.

The 'dnat' feature in nftables (or REDIRECT in iptables) might be a better option, as it doesn't relay any data but rewrites the actual connection attempt instead. Adding a rule that matches on port 443 and DNATs to 127.0.0.1:32400 would achieve what you want.