It is difficult for us to troubleshoot a problem when a CDN is involved.
Your site is behind CloudFlare.
More than likely, you need to set your CloudFlare settings in a way that allows for what you expect.
I'm not a CloudFlare expert - but I would start there.
At a bare minimum you need to understand that
certbot doesn't know that your site is behind a CDN.
A CDN that is catching HTTP, redirecting HTTP to HTTPS, catching the HTTPS requests and handling them as you chose. And even if that choice was correct, the first request that your system will receive may be HTTPS and not was has been accounted for.