Thank you for your help! The issue is now resolved. Below are some notes on how I resolved it. Hopefully it can be useful for someone having a similar issue.
Django administration https://mailman.mydomain.org/admin/ had correct Mail domain but Site was still set to example.com. Fixed this, but I would speculate that was only "cosmetic".
Folder /var/lib/mailman3/archives/hyperkitty/spool/ was empty.
/etc/mailman3/mailman-hyperkitty.cfg did not contain correct api_key indeed. Fixed that.
/var/log/mailman3/mailman.log contained:
HyperKitty failure on https://mailman.mydomain.org/hyperkitty/api/mailman/urls: <html><title>Forbidden</title><body>
/var/log/mailman3/web/mailman-web.log contained:
hyperkitty.views.mailman Access to the archiving API endpoint was forbidden from IP xx.xx.xx.xx, your MAILMAN_ARCHIVER_FROM setting may be misconfigured
xx.xx.xx.xx was the server's real external IP.
Reading https://lists.mailman3.org/archives/list/mailman-users@mailman3.org/thread/L... inspired to consider if mailman might be trying to access localhost while nginx is actually redirecting all traffic to https. Looked at file /etc/hosts.
It contained (vserver default):
xx.xx.xx.xx mydomain.org
Therefore I decided to add:
127.0.0.1 mailman.mydomain.org
which resolved above error message.
By the way, previously hyperkitty web archive was functional. I dunno why it broke after a while. (Despite having none of above fixes.)
Configuration file /etc/mailman3/mailman-web.py previously contained
MAILMAN_ARCHIVER_FROM = ('127.0.0.1', '::1', 'https://mailman.mydomain.org')
Perhaps something went wrong with DNS resolution.
I might have had success with adding the server's IP to MAILMAN_ARCHIVER_FROM but I decided against hardcoding. This is difficult to remember when server IP might change in a few years and also might be more secure if the roundtrip isn't needed. Now it is just:
MAILMAN_ARCHIVER_FROM = ('127.0.0.1')