Need Help: certificate resolver in static file not getting recognized in static https section

I have my static config defined in traefik.yml as

# Traefik entrypoints (network ports) configuration
entryPoints:
  # Not used in apps, but redirect everything from HTTP to HTTPS

  # HTTPS endpoint, with domain wildcard
  https:
    address: :443
    forwardedHeaders:
      # Reuse list of Cloudflare Trusted IP's above for HTTPS requests
      trustedIPs: *trustedIps
    http:
      tls:
        # Generate a wildcard domain certificate
        certResolver: leexample
        domains:
          - main: example.com # change this to your proxy domain
            sans:
              - '*.example.com' # change this to your proxy domain
      middlewares:
        - security-headers@file # reference to a dynamic middleware for setting http security headers per default
        - rate-limit@file # reference to a dynamic middleware for enabling rate limiting per default
        - chain-basic-auth@file

and I have the certResolver defined in the same file as

# Use letsencrypt to generate ssl certificates
certificatesResolvers:
  leexample:
    acme:
      caServer: https://acme-staging-v02.api.letsencrypt.org/directory
      email: homeserver@example.com  # change to your provider account email address. The API token is defined in the docker-compose.yml as environment variable
      storage: /certs/acme/example.json
      dnsChallenge:
        provider: cloudflare
        # Used to make sure the dns challenge is propagated to the rights dns servers
        resolvers:
          - "1.1.1.1:53"
          - "1.0.0.1:53"

I have the docker provider defined with defaultRule that will apply for all subdomains in example.com in the same (traefik.yml) as

  docker:
    watch: true
    defaultRule: 'Host(`{{ index .Labels "com.homeserver.service.name"}}.example.com`)'
    swarmModeRefreshSeconds: 15s
    exposedByDefault: false
    endpoint: unix:///var/run/docker.sock

However when traefik starts up it does not seem to find it and throws the following error

{"entryPointName":"https","level":"debug","msg":"Adding route for [whoami.example.com](https://whoami.example.com) with TLS options default","time":"2023-03-20T22:31:49-07:00"}

{"level":"error","msg":"the router https-whoami@docker uses a non-existent resolver: le-example-com","time":"2023-03-20T22:31:49-07:00"}

Do you have another (old) service/container running with the resolver le-example-com assigned?

Do you use provider.file with a directory and have other (old) config files in the directory?

Do you use a docker-compose.yml file? Can you share it?

This is my entire docker-compose.yml

version: "3.8"

services:
  traefik:
    image: "traefik:latest"
    container_name: "traefik"
    env_file: 
      - .env
    ports:
      - "80:80"
      - "443:443"
      - "8080:8080"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - $APPDATADIR/traefik/traefik.yml:/etc/traefik/traefik.yml
      - $APPDATADIR/traefik/providers:/providers # file provider directory
      - $APPDATADIR/traefik/logs:/logs # logs directory
      - $APPDATADIR/traefik/certs:/certs # certs directory
    labels:
      - "com.homeserver.service.name=traefik"
      - "com.homeserver.domain.name=$DOMAIN_REDACTED"

  whoami:
    image: "traefik/whoami"
    container_name: "whoami"
    labels:
      - "traefik.enable=true"
      - "com.homeserver.service.name=whoami"
      - "com.homeserver.domain.name=$DOMAIN_REDACTED"


  homepage:
    container_name: homepage
    env_file:
    - .env
    environment:
    - PUID=$PUID
    - PGID=$PGID
    image: ghcr.io/benphelps/homepage:latest
    labels:
    - "com.REDACTED.app-template-processor.version=1.0.0"
    - "com.REDACTED.app-template-processor.description=A highly customizable homepage
      (or startpage / application dashboard) with Docker and service API integrations."
    - "traefik.enable=true"
    - "com.homeserver.service.name=homepage"
    - "com.homeserver.domain.name=$DOMAIN_REDACTED"
    platform: linux
    ports:
    - 3000:3000/tcp
    restart: unless-stopped
    volumes:
    - $APPDATADIR/homepage/config:/var/homepage/config:rw
    - $APPDATADIR/homepage/data:/var/homepage/data:rw

  watchtower:
    # WatchTower - Automatic Docker Container Updates
    image: containrrr/watchtower:latest
    container_name: watchtower
    restart: unless-stopped
    environment:
      TZ: $TZ
      WATCHTOWER_CLEANUP: "true"
      WATCHTOWER_REMOVE_VOLUMES: "true"
      WATCHTOWER_INCLUDE_STOPPED: "true"
      WATCHTOWER_INCLUDE_RESTARTING: "true"
      WATCHTOWER_ROLLING_RESTART: "true"
      WATCHTOWER_NO_STARTUP_MESSAGE: "false"
      WATCHTOWER_SCHEDULE: "0 30 1 * * *" # Everyday at 1:30
      WATCHTOWER_NOTIFICATIONS: shoutrrr
      WATCHTOWER_NOTIFICATION_URL: "telegram://2065182960:REDACTED@telegram?channels=REDACTED"
      WATCHTOWER_NOTIFICATIONS_LEVEL: info
      DOCKER_API_VERSION: "1.39"
    volumes:
      - /etc/localtime:/etc/localtime:ro
      - /var/run/docker.sock:/var/run/docker.sock:ro

This is my entire /providers/traefik.yml

# Traefik global configuration
global:
  checkNewVersion: true
  sendAnonymousUsage: false

# Enable traefik ui dashboard
api:
  dashboard: true
  insecure: true

# Log level INFO|DEBUG|ERROR
log:
  level: DEBUG
  filePath: /logs/traefik.log
  format: json

# Configuring Multiple Filters
accessLog:
  filePath: "/logs/traefik.log"
  format: json
  filters:
    statusCodes:
    #  - "200" # log successful http requests
      - "400-599" # log failed http requests
    #retryAttempts: true
    #minDuration: "10ms"
  # collect logs as in-memory buffer before writing into log file
  bufferingSize: 0
  fields:
    headers:
      defaultMode: drop # drop all headers per default
      names:
          User-Agent: keep # log user agent strings

# The setting below is to allow insecure backend connections.  
serversTransport:
  insecureSkipVerify: true

# Traefik entrypoints (network ports) configuration
entryPoints:
  # Not used in apps, but redirect everything from HTTP to HTTPS
  http:
    address: :80
    forwardedHeaders:
      trustedIPs: &trustedIps
        # Start of Clouflare public IP list for HTTP requests, remove this if you don't use it; https://www.cloudflare.com/de-de/ips/
        - 103.21.244.0/22
        - 103.22.200.0/22
        - 103.31.4.0/22
        - 104.16.0.0/13
        - 104.24.0.0/14
        - 108.162.192.0/18
        - 131.0.72.0/22
        - 141.101.64.0/18
        - 162.158.0.0/15
        - 172.64.0.0/13
        - 173.245.48.0/20
        - 188.114.96.0/20
        - 190.93.240.0/20
        - 197.234.240.0/22
        - 198.41.128.0/17
        - 2400:cb00::/32
        - 2606:4700::/32
        - 2803:f800::/32
        - 2405:b500::/32
        - 2405:8100::/32
        - 2a06:98c0::/29
        - 2c0f:f248::/32
        # End of Cloudlare public IP list
    http:
      redirections:
        entryPoint:
          to: https
          scheme: https
      middlewares:
        - chain-basic-auth@file

  # HTTPS endpoint, with domain wildcard
  https:
    address: :443
    forwardedHeaders:
      # Reuse list of Cloudflare Trusted IP's above for HTTPS requests
      trustedIPs: *trustedIps
    http:
      tls:
        # Generate a wildcard domain certificate
        certResolver: leredacted
        domains:
          - main: redacted.com # change this to your proxy domain
            sans:
              - '*.redacted.com' # change this to your proxy domain
      middlewares:
        - security-headers@file # reference to a dynamic middleware for setting http security headers per default
        - rate-limit@file # reference to a dynamic middleware for enabling rate limiting per default
        - chain-basic-auth@file

providers:
  providersThrottleDuration: 2s

  # File provider for connecting things that are outside of docker / defining middleware
  file:
    directory: /providers
    watch: true

  # Docker provider for connecting all apps that are inside of the docker network
  docker:
    watch: true
    defaultRule: 'Host(`{{ index .Labels "com.homeserver.service.name"}}.{{ index .Labels "com.homeserver.domain.name"}}`)'
    swarmModeRefreshSeconds: 15s
    exposedByDefault: false
    endpoint: unix:///var/run/docker.sock # $TODO

# Use letsencrypt to generate ssl certificates
certificatesResolvers:
  leredacted:
    acme:
      caServer: https://acme-staging-v02.api.letsencrypt.org/directory
      email: homeserver@redacted.com  # change to your provider account email address. The API token is defined in the docker-compose.yml as environment variable
      storage: /certs/acme/redacted.json
      dnsChallenge:
        provider: cloudflare
        # Used to make sure the dns challenge is propagated to the rights dns servers
        resolvers:
          - "1.1.1.1:53"
          - "1.0.0.1:53"

This is my entire /providers/tls-options.yml

tls:
  options:
    tls-opts:
      minVersion: VersionTLS12
      cipherSuites:
        - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
        - TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
        - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
        - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
        - TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
        - TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305
        - TLS_AES_128_GCM_SHA256
        - TLS_AES_256_GCM_SHA384
        - TLS_CHACHA20_POLY1305_SHA256
        - TLS_FALLBACK_SCSV # Client is doing version fallback. See RFC 7507
      curvePreferences:
        - CurveP521
        - CurveP384
      sniStrict: true