Getting 404 for my valid ingress rule in argo tunnel (2)

I have a Cloudflare config /etc/cloudflared/default.yml which looks as follows

tunnel: default
credentials-file: /root/.cloudflared//9a172a4b-bf82-4f18-9ff0-xxxxxxxx.json
ingress:
  - hostname: yuno.wyssmann.dev
    service: https://localhost:443
  - service: hello_world

logfile: /var/log/cloudflared_default.log
no-tls-verify: False
loglevel: warn

While the daemon runs as follows

[email protected] - cloudflared tunnel for default
     Loaded: loaded (/etc/systemd/system/[email protected]; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2022-10-12 11:21:58 BST; 5min ago
   Main PID: 102504
      Tasks: 9 (limit: 8986)
        CPU: 2.423s
     CGroup: /system.slice/system-cloudflared.slice/[email protected]
             └─102504 /usr/bin/cloudflared tunnel --config /etc/cloudflared/default.yml run default

However, when accessing yuno.wyssmann.dev my browser only gets a 404. Suggested in another post, I verified the config

$ cloudflared tunnel ingress validate  --config /etc/cloudflared/default.yml 
$ sudo cloudflared tunnel ingress validate
Validating rules from /usr/local/etc/cloudflared/config.yml
OK

Also the rule verification is fine

sudo cloudflared tunnel ingress rule https://yuno.wyssmann.dev  --config /etc/cloudflared/default.yml
Using rules from /etc/cloudflared/default.yml
Matched rule #1
	hostname: yuno.wyssmann.dev
	service: https://localhost:443

However, I still get a 404, so any clue what might be wrong with my config?