Hi everyone,
I'm setting up a Kubernetes cluster with Traefik as the ingress controller and cert-manager as the certificate creator.
Traefik has been installed with Helm and the version installed is 2.4.9, using this values.yaml file:
---
ports:
  web:
    port: 80
  websecure:
    port: 443
ingressRoute:
  dashboard:
    enabled: false # We will use a custom ingressRoute with basic auth instead of the default one
additionalArguments:
  - --log.level=DEBUG
  - --providers.kubernetescrd=true
  - --providers.kubernetesIngress=true
  - --providers.kubernetesIngress.ingressClass=traefik
  - --entrypoints.web.address=:80
  - --entrypoints.web.http.redirections.entryPoint.to=websecure
  - --entrypoints.web.http.redirections.entryPoint.scheme=https
  - --entrypoints.web.http.redirections.entrypoint.permanent=true
  - --entrypoints.websecure.address=:443
# The following lines are needed if you have an error like: error while building entryPoint web: error preparing server: error opening listener: listen tcp :80: bind: permission denied
# It just means that Traefik is unable to listen to connections on the host because of a lack of permissions.
# Hence the need for additional permissions.
securityContext:
  capabilities:
    drop: [ALL]
    add: [NET_BIND_SERVICE]
  readOnlyRootFilesystem: true
  runAsGroup: 0
  runAsNonRoot: false
  runAsUser: 0
deployment:
  replicas: 2
Using this configuration, I can see this log entry in the cert-manager logs:
I0723 08:55:11.014475 1 ingress.go:92] cert-manager/controller/challenges/http01/selfCheck/http01/ensureIngress "msg"="found one existing HTTP01 solver ingress" "dnsName"="traefik.company.com" "related_resource_kind"="Ingress" "related_resource_name"="cm-acme-http-solver-pjx5n" "related_resource_namespace"="traefik-system" "related_resource_version"="v1beta1" "resource_kind"="Challenge" "resource_name"="traefik.company.com-7qjq4-3687903905-461260841" "resource_namespace"="traefik-system" "resource_version"="v1" "type"="HTTP-01"
E0723 08:55:11.075409 1 sync.go:185] cert-manager/controller/challenges "msg"="propagation check failed" "error"="wrong status code '404', expected '200'" "dnsName"="traefik.company.com" "resource_kind"="Challenge" "resource_name"="traefik.company.com-7qjq4-3687903905-461260841" "resource_namespace"="traefik-system" "resource_version"="v1" "type"="HTTP-01"
This is the IngressRoute I use to access the dashboard:
---
apiVersion: traefik.containo.us/v1alpha1
kind: IngressRoute
metadata:
  name: traefik-dashboard
  namespace: traefik-system
spec:
  entryPoints:
    - web
    - websecure
  routes:
    - match: Host(`traefik.company.com`)
      kind: Rule
      services:
        - name: api@internal
          kind: TraefikService
      # Enable auth middleware
      middlewares:
        - name: auth
  tls:
    secretName: traefik.company.com
As soon as I remove the global redirection, the certificate is issued. Can anyone help me understand why this happens?