Setting up https with traefik

Hello,
in my previous post here I have managed to set up a reverse proxy with traefik for http.

In the meantime I have managed to get my domain on tor darknet and it works flawlessly.

Now I would like to secure the http traffic on normal clearnet using encryption certificates issued by let’s encrypt.
I have decided to go with traefik since it can already do that and I avoid installing more software.

Here are the relevant configs:

    staticConfigOptions = {
      entryPoints = {
        http = {
	 address = ":80";
	 
          forwardedHeaders.trustedIPs = [ "127.0.0.1/32" "10.0.0.0/8" "192.168.0.0/16" ]; # "172.16.0.0/12"
        };
	https = {
	 address = ":443";
          forwardedHeaders.trustedIPs = [ "127.0.0.1/32" "10.0.0.0/8" "192.168.0.0/16" ]; # "172.16.0.0/12"
	};
      };
      certificateResolvers.len.acme = { # len = Let's ENcrypt
        email = contactEmail;
        storage = "/var/lib/traefik/acme.json";
        # caServer: https://acme-v02.api.letsencrypt.org/directory # prod (default)
        caServer =  "https://acme-staging-v02.api.letsencrypt.org/directory"; # staging
        httpChallenge.entryPoint = "http";
      };
    };
dynamicConfigOptions = {
      http = {
        routers = {
	 # FEATURES
	 s1 = { service = "s1"; entryPoints = [ "http" "https" ];
            rule = "Host(`s1.${domain}`) || Host(`s1.${torDomain}`)";
          };
          git = { service = "s2"; entryPoints = [ "http" "https" ];
            rule = "Host(`s2.${domain}`) || Host(`s2.${torDomain}`)";
          };
          paperless = { service = "s3 entryPoints = [ "http" "https" ];
            rule = "Host(`s3.${domain}`) || Host(`s3.torDomain}`)";
          };
          website = { service = "website"; entryPoints = [ "http" "https" ];
            rule = "Host(`${domain}`) || Host(`${torDomain}`)";
	   tls.certResolver = "len";
          };
        };
        services = {
          website.loadBalancer.servers = [ { url = "http://localhost:8000"; } ];

          s1.loadBalancer.servers = [ { url = "http://localhost:8001"; } ];
          s2.loadBalancer.servers = [ { url = "http://localhost:8002"; } ];
          s3.loadBalancer.servers = [ { url = "http://localhost:8003"; } ];
        };
      };

I get this error:
Router uses a non-existent certificate resolver certificateResolver=len routerName=website@file

and the config producing this variable is here:

[certificateResolvers]
  [certificateResolvers.len]
    [certificateResolvers.len.acme]
      caServer = "https://acme-staging-v02.api.letsencrypt.org/directory"
      email = "my@mail"
      storage = "/var/lib/traefik/acme.json"
      [certificateResolvers.len.acme.httpChallenge]
        entryPoint = "http"

[entryPoints]
  [entryPoints.http]
    address = ":80"
    [entryPoints.http.forwardedHeaders]
      trustedIPs = ["127.0.0.1/32", "10.0.0.0/8", "192.168.0.0/16"]
  [entryPoints.https]
    address = ":443"
    [entryPoints.https.forwardedHeaders]
      trustedIPs = ["127.0.0.1/32", "10.0.0.0/8", "192.168.0.0/16"]

[providers]
  [providers.file]
    filename = "/nix/store/jvkihig776mx9f9svi9q781bs5ddzfg4-config.toml"

Now the website gives me a 404.

As you can see the len provider exists.

Does anyone know why this is the case?