This thread seems to have gotten a little off the main topic, but just wanted to chime in and saying I’m also experiencing the exact same issues with Windows Server 2012 R2 and IIS 8.5
I’ve tried just about everything, but Chrome and OpenSSL still show X1 as the intermediate cert, not X3. The only thing I’ve seen change so far is that Firefox now, for whatever reason, is showing the correct cert chain (with X3), even though originally it did not.
Mainly trying to figure this out as CloudFlare strict SSL is not working because it also believes the cert is invalid (due to the intermediate cert pointing at X1 still).